Lucene search
K

4330 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A denial-of-service issue was detected, possibly due to a recursive locking scenario, which led to a deadlock in the tableclear function in drivers/md/dm-ioctl.c within the Linux Kernel Device Mapper-Multipathing sub-component...

4.4CVSS6.6AI score0.00223EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 1:47 p.m.21 views

CVE-2026-42489

CVE-2026-42489 / 42490 (Xen) : The Xen domctl mechanism used to create/manage guests relies on a system-wide lock whose acquisition lacks fairness. In environments using XSM/Flask, some operations may acquire this lock before permission checks, creating a potential abuse window. Documents do not ...

5.3CVSS5.2AI score0.00078EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/17 1:24 p.m.5 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.3AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 12:5 p.m.10 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.4AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 9:22 a.m.8 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.3AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.6 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.3AI score0.00096EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.5 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.3AI score0.00096EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/15 10:14 p.m.4 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Locking, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CVE-2026-22735, CVE-2026-22737)

Summary There are vulnerabilities in spring-web-6.2.15.jar, spring-webmvc-6.2.15.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-22735, CVE-2026-22737. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux...

5.9CVSS5.1AI score0.00385EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/15 10:14 p.m.5 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Locking (CVE-2026-22735)

Summary There are vulnerabilities in spring-web-6.2.15.jar, spring-webmvc-6.2.15.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-22735. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-22735 DESCRIPTION: Spring MVC and WebFlux applications are...

2.6CVSS4.9AI score0.00112EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/12 7:16 a.m.15 views

CVE-2026-9269

The Secure Copy Content Protection and Content Locking WordPress plugin before 5.1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

3.5CVSS0.00145EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 6:0 a.m.66 views

CVE-2026-9269

The CVE pertains to the WordPress plugin “Secure Copy Content Protection and Content Locking” prior to version 5.1.5, which fails to sanitize and escape certain settings. This enables Stored XSS for high-privilege users (e.g., admin), even when unfiltered_html is disallowed (such as in multisite ...

3.5CVSS5.2AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 6:0 a.m.30 views

CVE-2026-9269 Secure Copy Content Protection and Content Locking < 5.1.5 - Admin+ Stored XSS via ays_sccp_sub_icon_image Parameter

The Secure Copy Content Protection and Content Locking WordPress plugin before 5.1.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...

0.00145EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/11 11:39 a.m.6 views

kernel: netfilter: ctnetlink: ensure safe access to master conntrack

A flaw was found in the netfilter: ctnetlink component of the Linux kernel. This vulnerability occurs due to insufficient locking when accessing the master conntrack object, allowing it to become invalid while still being referenced. A local attacker could potentially exploit this race condition,...

7.8CVSS5.4AI score0.00096EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/06/11 2:6 a.m.61 views

Exploit for Improper Authentication in Pocketbase

CVE-2026-44166 — PocketBase OAuth2 Account Pre-Hijacking Self...

7.6CVSS5.4AI score0.00247EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/09 4:51 p.m.8 views

CVE-2026-46327

A flaw was found in the Linux kernel's device mapper dm component. The dmblkreportzones function performs a check for the device's suspended state without proper locking. This allows the device to enter a suspended state immediately after the check, leading to an inconsistent state. This...

7.8CVSS5.4AI score0.0012EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.7 views

SUSE CVE-2026-46311

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

7CVSS5.4AI score0.00112EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the dmblkreportzones function to test the suspended state of devices without holding a...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 5:16 p.m.16 views

CVE-2026-46311

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

7.8CVSS0.00112EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 5:16 p.m.12 views

CVE-2026-46304

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...

7.5CVSS0.00389EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/08 3:50 p.m.10 views

EUVD-2026-35121

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drmexec to take both locks i.e vm root bo and wptrobj bo to access the mapping data properly. This fixes the security issue of unmap the wptrobj while a queue creation is in...

5.4AI score0.00112EPSS
Exploits0References2
Rows per page
Query Builder