Lucene search
K

18 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-59223

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, WEBFETCHFILTERLIST matching compared configured host entries against URL strings and non-label-boundary suffixes, allowing path-based blocklist bypasses such as !internal.example.com in a URL pa...

4.3CVSS0.00223EPSS
Exploits0References4
Debian CVE
Debian CVE
added 4 days ago4 views

CVE-2026-59879

Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, Listset, ListsetSize, ListsetIn, ListupdateIn, and the functional set, setIn, and updateIn mishandle an index or size in the range 2 30 to 2 31 in setListBounds in src/List.js, causing an empty List to ente...

8.7CVSS6AI score0.0037EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: kcm: fixed zero-frag skb in fraglist in case of partial sendmsg errors Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments i...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Missing Release of Memory after Effective Lifetime (CVE-2025-38124)

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 net: gso: fix udp gso fraglist segmentation after pull from fraglist detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to mo...

5.5CVSS6.1AI score0.00148EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-53165)

In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in registerintccontroller In the error handling for this function, d is freed without ever removing it from intclist which would lead to a use after free. To fix this, let's only add it to the lis...

7.8CVSS6.4AI score0.00246EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-52991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skbsegmentlist Commit 3a1296a38d0c net: Support GRO/GSO fraglist...

5.5CVSS6.2AI score0.00246EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-21919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in childcfsrqonlist childcfsrqonlist attempts to...

7.8CVSS6.3AI score0.00198EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the net:dsa:mv88e6xxx module when checking for an empty list using listfirstentry, listfirstentryornull...

6.1CVSS6.7AI score0.00233EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/07/05 12:0 a.m.8 views

PT-2024-29211

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.43 Description The issue is related to the ksmbd component in the Linux kernel, where the may open function does not allow a directory to be opened with write access. However, some writing flags set by the...

5.5CVSS5.4AI score0.00288EPSS
Exploits0
OSV
OSV
added 2024/04/04 9:15 a.m.6 views

UBUNTU-CVE-2024-26786

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix ioptaccesslistid overwrite bug Syzkaller reported the following WARNON: WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/iopagetable.c:1360 Call Trace: iommufdaccesschangeioas+0x2fe/0x4e0...

5.5CVSS6.6AI score0.00222EPSS
Exploits0References5
Amazon
Amazon
added 2023/12/04 12:0 a.m.2 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header CVE-2023-52843 In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe CVE-2023-52846 In the Linux...

7.8CVSS6.2AI score0.00319EPSS
Exploits0
OSV
OSV
added 2021/08/20 11:3 a.m.2 views

OESA-2021-1314 fetchmail security update

Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, like SLIP or PPP connections. Fetchmail supports every remote-mail protocol currently in use on the Internet POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6, and IPSEC for retrieval...

7.5CVSS7.5AI score0.0256EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2021/06/23 7:0 a.m.6 views

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library which has the surprising side-effect that if an application sets up multiple concurrent transfers the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario this weakens transport security significantly.

...

5.3CVSS5.5AI score0.02979EPSS
Exploits1
OSV
OSV
added 2021/06/12 11:2 a.m.4 views

OESA-2021-1216 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPTSSLCIPHERLIST when...

5.3CVSS8.5AI score0.04385EPSS
Exploits2References3
OSV
OSV
added 2020/06/11 3:15 p.m.3 views

CVE-2020-0191

In ih264dupdatedefaultindexlist of ih264ddpbmgr.c, there is a possible out of bounds read due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android...

6.5CVSS7AI score0.00768EPSS
Exploits0References1
OSV
OSV
added 2018/09/18 5:29 p.m.4 views

UBUNTU-CVE-2018-17175

In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the...

5.3CVSS5.8AI score0.01858EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2016/05/10 6:43 p.m.8 views

kernel: Mounting ext2 fs e2fsprogs/tests/f_orphan as ext4 crashes system

A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system...

4.9CVSS7.1AI score0.00405EPSS
Exploits0References4
OSV
OSV
added 2016/02/24 12:0 a.m.3 views

UBUNTU-CVE-2016-2545

The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service race condition and system crash via a crafted ioctl call...

5.1CVSS6.7AI score0.00347EPSS
Exploits0References13
Rows per page
Query Builder