22097 matches found

CVE
added 2026/06/25 8:39 a.m., 8 views

CVE-2026-53187

The CVE-2026-53187 issue affects the Linux kernel RDMA/core: the cpu_id supplied via UVERBS_ATTR_ALLOC_DMAH_CPU_ID is passed to cpumask_test_cpu() without validating it against nr_cpu_ids, leading to an out-of-bounds read of the cpumask bitmap. On kernels built with CONFIG_DEBUG_PER_CPU_MAPS this...

7.1 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits: 0, References: 3
EUVD
added 2026/06/25 8:39 a.m., 3 views

EUVD-2026-39278

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc The cpu_id attribute supplied by user space through UVERBS_ATTR_ALLOC_DMAH_CPU_ID is passed directly to cpumask_test_cpu() without first verifying that the value is within the valid...

5.7 AI score, 0.00129 EPSS
Exploits: 0, References: 3
Cvelist
added 2026/06/25 8:39 a.m., 25 views

CVE-2026-53187 RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc The cpu_id attribute supplied by user space through UVERBS_ATTR_ALLOC_DMAH_CPU_ID is passed directly to cpumask_test_cpu() without first verifying that the value is within the valid...

7.1 CVSS, 0.00129 EPSS
Exploits: 0, References: 3
EUVD
added 2026/06/25 8:39 a.m., 4 views

EUVD-2026-39279

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ib_get_ucaps() Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

5.8 AI score, 0.00136 EPSS
Exploits: 0, References: 3
Debian CVE
added 2026/06/25 8:39 a.m., 4 views

CVE-2026-53187

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpu_id against nr_cpu_ids in DMAH alloc The cpu_id attribute supplied by user space through UVERBS_ATTR_ALLOC_DMAH_CPU_ID is passed directly to cpumask_test_cpu() without first verifying that the value is within the valid...

7.1 CVSS, 5.6 AI score, 0.00129 EPSS
Exploits: 0
Circl
added 2026/06/25 5:45 a.m., 7 views

CVE-2026-0934

creation_timestamp | type | source
---|---|---
2026-06-25 05:45:05+00:00 | seen | https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities20260625
2026-06-25 06:35:48+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mp3stwxgka2z
2026-06-25 12:00:27+00:00 | seen | ...

3.8 CVSS, 5.8 AI score, 0.00201 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2026/06/25 12:00 a.m., 11 views

PT-2026-52553

Name of the Vulnerable Software and Affected Versions: CANBoat versions prior to 6.23. Description: An off-by-one global buffer overflow exists in the searchForPgn function within the analyzer/pgn.c file. A remote attacker can trigger an out-of-bounds array access and cause a denial of service,...

7.3 CVSS, 6.1 AI score, 0.00215 EPSS
Exploits: 0, References: 8
Tenable Nessus
added 2026/06/25 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-52969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: Reject wrapped offset in kvm_reset_dirty_gfn() kvm_reset_dirty_gfn() guards the gfn range with if (!memslot || (offset + __fls(mask)) >= memslot->npages) return; but offset is...

7 CVSS, 5.8 AI score, 0.00147 EPSS
Exploits: 0, References: 3
Circl
added 2026/06/24 7:00 p.m., 6 views

CVE-2026-53123

creation_timestamp | type | source
---|---|---
2026-06-24 19:00:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mp2lzehjqo2f...

5.8 AI score, 0.00171 EPSS
Exploits: 0, References: 1
EUVD
added 2026/06/24 6:32 p.m., 4 views

EUVD-2026-38837

In the Linux kernel, the following vulnerability has been resolved: KVM: Reject wrapped offset in kvm_reset_dirty_gfn() kvm_reset_dirty_gfn() guards the gfn range with if (!memslot || (offset + __fls(mask)) >= memslot->npages) return; but offset is u64 and the addition is unchecked. The check can be silently bypasse...

5.7 AI score, 0.00147 EPSS
Exploits: 0, References: 8
EUVD
added 2026/06/24 6:32 p.m., 7 views

EUVD-2026-38807

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Number Card component...

4.6 CVSS, 5.8 AI score, 0.00256 EPSS
Exploits: 0, References: 3
EUVD
added 2026/06/24 6:32 p.m., 5 views

EUVD-2026-38806

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component...

4.6 CVSS, 5.9 AI score, 0.00256 EPSS
Exploits: 0, References: 3
EUVD
added 2026/06/24 4:29 p.m., 4 views

EUVD-2026-38911

In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qr_numregions in dlm_match_regions() Patch series "ocfs2/dlm: fix two bugs in dlm_match_regions()". In dlm_match_regions(), the qr_numregions field from a DLM_QUERY_REGION network message is used to drive loops over the...

5.9 AI score, 0.00521 EPSS
Exploits: 0, References: 8
CVE
added 2026/06/24 4:28 p.m., 7 views

CVE-2026-52969

CVE-2026-52969 affects the Linux kernel KVM component. The vulnerability stems from an unchecked u64 addition in kvm_reset_dirty_gfn(), where the guard if (!memslot || (offset + __fls(mask)) >= memslot->npages) can be bypassed due to offset being 64‑bit. This can allow an out-of-bounds load...

7 CVSS, 5.7 AI score, 0.00147 EPSS
Exploits: 0, References: 10
NVD
added 2026/06/24 4:16 p.m., 8 views

CVE-2026-50711

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Number Card component...

4.6 CVSS, 0.00256 EPSS
Exploits: 0, References: 2
NVD
added 2026/06/24 4:16 p.m., 8 views

CVE-2026-50710

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component...

4.6 CVSS, 0.00256 EPSS
Exploits: 0, References: 2
CVE
added 2026/06/24 3:18 p.m., 11 views

CVE-2026-50711

CVE-2026-50711 affects Frappe Framework (17.0.0-dev). A Stored XSS exists in the Number Card component due to improper neutralization of user-controlled input. The connected documents confirm the vulnerability but do not specify exploit details, affected versions beyond 17.0.0-dev, or remediation...

4.6 CVSS, 5.8 AI score, 0.00256 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/06/24 3:11 p.m., 11 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations. The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. A check was added to...

5.5 CVSS, 5.7 AI score, 0.00121 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/06/24 3:11 p.m., 7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: preventing dereferencing of ZERO_SIZE_PTR when num_ifs is zero The driver allocates arrays for ports, FDBs, and filter blocks using kcalloc, with ethsw->sw_attr.num_ifs as the element count. When the device reports zero...

5.5 CVSS, 5.7 AI score, 0.00114 EPSS
Exploits: 0, References: 2
CVE
added 2026/06/24 3:08 p.m., 8 views

CVE-2026-50710

CVE-2026-50710 affects Frappe Framework 17.0.0-dev with a Stored XSS in the Number Card filters_config due to unsafe evaluation of user-controlled data. The root cause is evaluating user-provided data in the Number Card component, enabling script injection. Public references are to Fluid Attacks ...

4.6 CVSS, 5.9 AI score, 0.00256 EPSS
Exploits: 0, References: 2