Lucene search
K

1716 matches found

Fedora
Fedora
added 5 days ago8 views

[SECURITY] Fedora 44 Update: openssh-10.2p1-12.fc44

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

6.5CVSS6AI score0.00367EPSS
Exploits2
OSV
OSV
added 2026/06/30 11:29 a.m.2 views

OPENSUSE-SU-2026:21179-1 Security update for lrzip

This update for lrzip fixes the following issues: Changes in lrzip: - Update to version 0.660: Do not clean up thread structures in decompression failure conditions, fixing a use-after-free in lzmadecompressbuf and a NULL pointer dereference in ucompthread on corrupt/malicious archives...

7.8CVSS5.8AI score0.00243EPSS
Exploits3References6
CNVD
CNVD
added 2026/06/27 12:0 a.m.4 views

OpenBSD Resource Management Vulnerability (CNVD-2026-26371)

OpenBSD is a Unix-like operating system that focuses on security and code quality. There is a resource management vulnerability in OpenBSD. This vulnerability stems from the use of the syssem.get function in sys/kern/sysvsem.c, where a memory error occurs due to a context switch after tsleep. An...

7.8CVSS6AI score0.00116EPSS
Exploits0
NVD
NVD
added 2026/06/25 1:16 a.m.7 views

CVE-2026-57589

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

7.8CVSS0.00116EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 12:33 a.m.4 views

CVE-2026-57589

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

7.4CVSS5.8AI score0.00116EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 12:33 a.m.5 views

EUVD-2026-39156

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

7.4CVSS5.8AI score0.00116EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 12:33 a.m.37 views

CVE-2026-57589

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

7.4CVSS0.00116EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 12:33 a.m.50 views

CVE-2026-57589

The CVE-2026-57589 entry concerns OpenBSD (through 7.9) with a use-after-free in sys/kern/sysv_sem.c that enables a local privilege escalation to root . The root cause is a context switch use-after-free after tsleep in sys_semget(). This applies to the OpenBSD kernel code path handling System V s...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2026/06/22 12:0 a.m.53 views

📄 OpenBSD mpls_do_error Stack Disclosure

OpenBSD suffers from an mplsdoerror remote kernel stack disclosure vulnerability via an MPLS label stack. ------------------------------------------------------------------------ OpenBSD mplsdoerror: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read...

6.9CVSS5.9AI score0.00423EPSS
Exploits2
NVD
NVD
added 2026/06/18 8:16 p.m.20 views

CVE-2026-56099

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS0.00423EPSS
Exploits2References5
EUVD
EUVD
added 2026/06/18 7:29 p.m.15 views

EUVD-2026-37938

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS5.3AI score0.00423EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/06/18 7:29 p.m.7 views

CVE-2026-56099

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS5.3AI score0.00423EPSS
Exploits2References4
Cvelist
Cvelist
added 2026/06/18 7:29 p.m.23 views

CVE-2026-56099 OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS0.00423EPSS
Exploits2References3
CVE
CVE
added 2026/06/18 7:29 p.m.28 views

CVE-2026-56099

OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read in sys/netmpls/mpls_input.c:mpls_do_error, allowing remote disclosure of kernel stack memory by crafting MPLS frames with 16 labels and no Bottom-of-Stack bit. Affected component is the MPLS input handling path; root cause ...

6.9CVSS5.3AI score0.00423EPSS
Exploits2References5Affected Software1
EUVD
EUVD
added 2026/06/17 6:35 p.m.12 views

EUVD-2026-37521

sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...

5.8CVSS5.3AI score0.00211EPSS
Exploits1References5
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-55706

sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...

8.3CVSS0.00211EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/17 12:53 a.m.33 views

CVE-2026-55706

sppppapinput in sys/net/ifspppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths...

5.8CVSS0.00211EPSS
Exploits1References3
CVE
CVE
added 2026/06/17 12:53 a.m.34 views

CVE-2026-55706

CVE-2026-55706 affects the OpenBSD kernel component sppp_pap_input in sys/net/if_spppsubr.c, where authentication can be bypassed if certain lengths are zero. Affected versions are OpenBSD before the commit 076e2b1. The root cause is input length values being set to zero, enabling bypass of authe...

8.3CVSS5.3AI score0.00211EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.21 views

PT-2026-50221

Name of the Vulnerable Software and Affected Versions OpenBSD versions prior to 076e2b1 Description The sppp pap input function in sys/net/if spppsubr.c allows authentication bypass when certain zero values are used for lengths. Real-world offensive activities targeting this issue have been...

5.8CVSS5.3AI score0.00211EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.23 views

PT-2026-50785

Name of the Vulnerable Software and Affected Versions OpenBSD versions prior to commit 6a23123 Description An out-of-bounds read exists in the mpls do error function within sys/netmpls/mpls input.c. Remote attackers can disclose kernel stack memory by sending crafted MPLS frames containing 16...

6.9CVSS5.8AI score0.00423EPSS
Exploits2References23
Rows per page
Query Builder