Lucene search
K

217 matches found

OSV
OSV
added 2026/06/26 9:1 p.m.6 views

GHSA-V2JF-442R-6MJH nebula-mesh: Signed-poll nonce LRU is in-memory and bounded; replay survives restart + eviction

internal/api/pop/nonce.go:25,40,86 + internal/api/server.go:38 — the signed-poll nonce cache is an in-process LRU sized at 65,536 entries. internal/api/updates.go:31 sets pollClockSkew = 5 time.Minute as the replay window. Affected All released versions through v0.3.0 that have shipped the ADR 00...

6.9CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38894

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix nfs4file access extra count in nfsd4addrdaccesstowrdeleg In nfsd4addrdaccesstowrdeleg, if fp-fifdsORDONLY is already set by another thread, nfs4filegetaccess should not be called to increment the nfs4file access count...

5.7AI score0.00432EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:29 p.m.11 views

CVE-2026-53026

This CVE concerns Linux kernel NFSD: in nfsd4_add_rdaccess_to_wrdeleg, an extra nfs4_file access count may be incremented by multiple threads, preventing the corresponding nfsd_file from being freed and triggering a BUG during kmem_cache_destroy() when stopping the nfs-server. Descriptions across...

7.5CVSS5.7AI score0.00432EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.25 views

CVE-2026-53026 NFSD: fix nfs4_file access extra count in nfsd4_add_rdaccess_to_wrdeleg

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix nfs4file access extra count in nfsd4addrdaccesstowrdeleg In nfsd4addrdaccesstowrdeleg, if fp-fifdsORDONLY is already set by another thread, nfs4filegetaccess should not be called to increment the nfs4file access count...

7.5CVSS0.00432EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 12:5 p.m.4 views

RLSA-2026:27842 Important: memcached security update

memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. Security Fixes: memcached: memcached: Username enumeration via timing side channel CVE-2026-47783 For more detai...

8.1CVSS5.8AI score0.01312EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51920

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the nfsd4 add rdaccess to wrdeleg function where the nfs4 file get access function may be incorrectly called to increment the nfs4 file access count if fp-fi fdsO RDON...

7.5CVSS5.7AI score0.00432EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/31 1:32 a.m.29 views

SUSE CVE-2026-46242

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

7.8CVSS5.8AI score0.00124EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/26 4:58 p.m.13 views

EUVD-2026-31904

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modmemcache...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/30 10:20 a.m.87 views

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Exploit A Linux kernel page cache co...

7.8CVSS7.4AI score0.96267EPSS
Exploits228
NVD
NVD
added 2026/02/18 4:22 p.m.10 views

CVE-2025-71232

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...

5.5CVSS0.00118EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/02/13 1:30 a.m.7 views

CVE-2026-25999

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint,...

7.1CVSS5.6AI score0.00265EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 9:0 p.m.6 views

CVE-2026-25999

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint,...

7.1CVSS5.6AI score0.00265EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/02/11 9:0 p.m.30 views

CVE-2026-25999 Klaw has an improper authorisation check on /resetMemoryCache

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint,...

7.1CVSS0.00265EPSS
Exploits0References3
OSV
OSV
added 2026/02/11 9:0 p.m.6 views

CVE-2026-25999 Klaw has an improper authorisation check on /resetMemoryCache

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint,...

7.1CVSS5.6AI score0.00265EPSS
Exploits0References5
CVE
CVE
added 2026/02/11 9:0 p.m.17 views

CVE-2026-25999

Klaw (self-service Apache Kafka Topic Management/Governance tool) contains an improper access control vulnerability prior to v2.10.2 that allows an unauthorized user to trigger a reset or deletion of metadata for any tenant by calling the /resetMemoryCache endpoint. The CVE notes the impact as hi...

7.1CVSS5.6AI score0.00265EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.9 views

PT-2026-7718

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint,...

7.1CVSS5.6AI score0.00265EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/16 12:26 a.m.8 views

SUSE CVE-2025-71105

In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmemcache of name 'f2fsxattrentry-7:7' alread...

5.5CVSS6.4AI score0.00123EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:5 p.m.3 views

CVE-2025-71105

In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmemcache of name 'f2fsxattrentry-7:7' alread...

5.3AI score0.00123EPSS
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.8 views

CVE-2018-12438

The Elliptic Curve Cryptography library aka sunec or libsunec allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the...

4.9CVSS6.5AI score0.00464EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.11 views

CVE-2018-12434

LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical ho...

4.7CVSS6.3AI score0.00321EPSS
Exploits0References1
Rows per page
Query Builder