Lucene search
K

675 matches found

Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.29 views

PT-2026-50870

Name of the Vulnerable Software and Affected Versions Cloudflare Quiche versions prior to 0.29.2 Description Two use-after-free issues exist in the connection ID iterator FFI Foreign Function Interface functions. The functions quiche connection id iter next and quiche conn retired scid next retur...

5.6CVSS5.8AI score0.0017EPSS
Exploits0References6
RubySec
RubySec
added 2026/06/19 12:0 a.m.7 views

Oj - Use-After-Free in Oj::Doc Iterators via Reentrant Close

Summary Oj::Doc iterators eachvalue, eachchild, eachleaf are vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed while the C iterator is still running. When control returns from the block, the iterator rea...

2.1CVSS5.8AI score0.00117EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/15 8:36 a.m.15 views

CVE-2026-48096

A flaw was found in OpenFGA, an authorization/permission engine. When iterator caching is enabled, distinct authorization check requests can generate identical cache keys. This can cause OpenFGA to reuse an outdated or incorrect cached result for subsequent requests. Such a flaw may lead to...

5.3CVSS5.2AI score0.00101EPSS
Exploits0References5
OSV
OSV
added 2026/06/12 7:32 p.m.18 views

GHSA-36HH-V3QG-5JQ4 PyO3 has an Out-of-bounds Read in `nth` / `nth_back` for `PyList` and `PyTuple` iterators

PyO3 0.24.0 added optimized implementations of Iterator::nth and DoubleEndedIterator::nthback for the BoundListIterator and BoundTupleIterator types. These implementations computed the target index using unchecked usize addition index + n before bounds-checking against the sequence length, then...

8.7CVSS5.7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/12 7:32 p.m.20 views

PyO3 has an Out-of-bounds Read in `nth` / `nth_back` for `PyList` and `PyTuple` iterators

PyO3 0.24.0 added optimized implementations of Iterator::nth and DoubleEndedIterator::nthback for the BoundListIterator and BoundTupleIterator types. These implementations computed the target index using unchecked usize addition index + n before bounds-checking against the sequence length, then...

5.6AI score
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/11 8:28 p.m.11 views

EUVD-2026-36061

OpenFGA has cache-key delimiter injection in shared-iterator and v2 iterator that caches enables intra-store authorization-decision poisoning...

5.3CVSS5.5AI score0.00101EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/11 8:28 p.m.12 views

OpenFGA has cache-key delimiter injection in shared-iterator and v2 iterator that caches enables intra-store authorization-decision poisoning

Description In OpenFGA, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result for a subsequent request. Preconditions This applies if the following preconditions are present: - FGA runs with...

5.3CVSS5.5AI score0.00101EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/11 8:28 p.m.7 views

GHSA-8396-JFFM-QX4W OpenFGA has cache-key delimiter injection in shared-iterator and v2 iterator that caches enables intra-store authorization-decision poisoning

Description In OpenFGA, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result for a subsequent request. Preconditions This applies if the following preconditions are present: - FGA runs with...

5CVSS5.5AI score0.00101EPSS
Exploits0References4
NVD
NVD
added 2026/06/10 4:17 p.m.10 views

CVE-2026-48096

OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result for a subsequent request. This issue has been patched in...

5.3CVSS0.00101EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 3:9 p.m.10 views

CVE-2026-48096 OpenFGA: Cache-key delimiter injection in openfga/openfga shared-iterator and v2 iterator caches enables intra-store authorization-decision poisoning

OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to OpenFGA reusing an earlier cached result for a subsequent request. This issue has been patched in...

5CVSS5.3AI score0.00101EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 12:37 p.m.30 views

CVE-2026-49496

Ghidra

6.9CVSS5.5AI score0.00169EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

OpenFGA 数据伪造问题漏洞

OpenFGA is an open-source authorization/licensing engine built for developers, inspired by Google Zanzibar. Versions of OpenFGA prior to 1.16.0 had a data manipulation vulnerability. This vulnerability arises from the possibility that two different check requests may generate the same cache key...

5.3CVSS5.2AI score0.00101EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48462

Name of the Vulnerable Software and Affected Versions OpenFGA versions prior to 1.16.0 Description When iterator caching is enabled, specifically with SharedIteratorCache and ListObjectsIteratorCache, two distinct check requests can produce the same cache key. This causes the system to reuse a...

5.3CVSS5.5AI score0.00101EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/04 3:55 p.m.47 views

kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44350

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free or type confusion issue exists in the SCTP implementation of the Linux kernel. In the sctp sendmsg function, the SCTP SENDALL path iterates through associations using li...

7.8CVSS5.9AI score0.00104EPSS
Exploits0
CVE
CVE
added 2026/05/27 12:17 p.m.25 views

CVE-2026-45937

The CVE-2026-45937 entry concerns the Linux kernel crypto driver inside-secure/eip93. During driver detach, a programming error unregisters the same hash algorithm multiple times due to a faulty iterator, leading to a kernel panic. The vulnerability affects the kernel code path handling driver de...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/27 5:41 a.m.20 views

kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al

In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...

7.8CVSS5.8AI score0.00153EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an iterator error during driver separation in the crypto/inside-secure/eip93 module. This error...

5.8AI score0.00121EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-43804

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel panic can occur during driver detach in the inside-secure/eip93 crypto component. This happens because a wrong iterator causes the same hash algorithm to be unregistered multipl...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References12
NVD
NVD
added 2026/05/21 12:16 p.m.18 views

CVE-2026-43494

In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails When iovitergetpages2 fails in rdsmessagezcopyfromuser, the pinned pages are released with putpage, and rm-data.opmmpznotifier is cleared. But we fail to properly clear...

7.8CVSS0.00269EPSS
Exploits3References13
Rows per page
Query Builder