Lucene search

23998 matches found

UbuntuCve
added 2026/05/08 12:0 a.m., 18 views

CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags. MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter, so later paths that may modify packet data ca...

CVSS 8.8 | AI score 6 | EPSS 0.93235
Exploits 31 | References 8
OSV
added 2026/05/08 12:0 a.m., 9 views

ALSA-2026:A005 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags (CVE-2026-43284). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CVSS 8.8 | AI score 5.8 | EPSS 0.93235
Exploits 31 | References 3
Positive Technologies
added 2026/05/08 12:0 a.m., 11 views

PT-2026-38984

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the BPF subsystem where the check_mem_access function matches PTR_TO_BUF via base_type, which strips PTR_MAYBE_NULL. This allows direct dereference of pointers without...

CVSS 9.8 | AI score 5.8 | EPSS 0.00433
Exploits 7 | References 280
Positive Technologies
added 2026/05/08 12:0 a.m., 11 views

PT-2026-38972

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the BPF verifier where live registers for indirect jumps are not properly marked. Specifically, for a gotox rX instruction, the rX register is not marked as used withi...

CVSS 7.8 | AI score 5.5 | EPSS 0.00121
Exploits 0 | References 17
CNNVD
added 2026/05/08 12:0 a.m., 9 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with NCI packet parameter validation. This vulnerability may lead to communication failures...

CVSS 8.3 | AI score 5.8 | EPSS 0.00269
Exploits 0 | References 2
CNNVD
added 2026/05/08 12:0 a.m., 9 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the check_mem_access function in the BPF module, which matches PTR_TO_BUF pointers using...

CVSS 5.5 | AI score 5.8 | EPSS 0.00123
Exploits 0 | References 1
Positive Technologies
added 2026/05/08 12:0 a.m., 14 views

PT-2026-39226

Name of the Vulnerable Software and Affected Versions: PgBouncer versions prior to 1.25.2. Description: An integer overflow in the network packet parsing code allows an unauthenticated remote attacker to bypass a boundary check. By sending a malformed SCRAM authentication packet, the attacker can...

CVSS 7.8 | AI score 6 | EPSS 0.00698
Exploits 1 | References 17
CNNVD
added 2026/05/08 12:0 a.m., 9 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper clearing of the queue during the process of sending ring reset commands. This...

CVSS 5.5 | AI score 5.8 | EPSS 0.00123
Exploits 0 | References 1
SUSE CVE
added 2026/05/07 2:17 a.m., 10 views

SUSE CVE-2026-43217

In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop. In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_close is executed, which will kfree(inst_hfi_gen2->packet). If stop_streaming is called afterward, it will cause a...

AI score 5.8 | EPSS 0.00126
Exploits 0 | References 3
SUSE CVE
added 2026/05/07 2:16 a.m., 9 views

SUSE CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

CVSS 7.5 | AI score 5.7 | EPSS 0.00451
Exploits 0 | References 3
Tenable Nessus
added 2026/05/07 12:0 a.m., 5 views

RHEL 9 : corosync (RHSA-2026:14211)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14211 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

CVSS 8.2 | AI score 6 | EPSS 0.00994
Exploits 2 | References 7
GitLab Advisory Database
added 2026/05/07 12:0 a.m., 8 views

container: pf Rule Injection via Domain Name Argument in `container system dns create --localhost` Command

The container system dns create --localhost command accepts a domainName argument and passes it unsanitized into the pf anchor file /etc/pf.anchors/com.apple.container as a comment in a rule line. A domain name containing a newline character breaks out of the comment context and injects an...

AI score 6
Exploits 0 | References 2 | Affected Software 1
Tenable Nessus
added 2026/05/07 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multipl...

CVSS 7.5 | AI score 7.1 | EPSS 0.00451
Exploits 0 | References 2
RedhatCVE
added 2026/05/06 11:24 p.m., 10 views

CVE-2026-43254

A flaw was found in the Linux kernel's handling of OpenVPN (ovpn) TCP network traffic. This vulnerability occurs when the kernel processes multiple network packets that have been combined into a single stream. An attacker could exploit this by sending specially crafted TCP packets, leading to issue...

CVSS 7.5 | AI score 5.8 | EPSS 0.00451
Exploits 0 | References 4
RedhatCVE
added 2026/05/06 9:37 p.m., 9 views

CVE-2026-43208

A flaw was found in the Linux kernel's networking component. An incorrect assumption about the size and immutability of the Receive Packet Steering (RPS) table could lead to an out-of-bounds memory access. This vulnerability, occurring during the computation of flow_id in the set_rps_cpu function, cou...

CVSS 9.8 | AI score 5.7 | EPSS 0.00481
Exploits 0 | References 4
RedHat Linux
added 2026/05/06 4:30 p.m., 7 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service...

CVSS 8.2 | AI score 5.8 | EPSS 0.00867
Exploits 1 | References 5
RedHat Linux
added 2026/05/06 4:30 p.m., 12 views

Moderate: Red Hat Security Advisory: corosync security update

An update for corosync is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...

CVSS 8.2 | AI score 5.9 | EPSS 0.00994
Exploits 2 | References 3
RedHat Linux
added 2026/05/06 4:26 p.m., 7 views

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service...

CVSS 8.2 | AI score 5.8 | EPSS 0.00867
Exploits 1 | References 5
EUVD
added 2026/05/06 12:30 p.m., 25 views

EUVD-2026-27815

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

AI score 5.7 | EPSS 0.00451
Exploits 0 | References 4
EUVD
added 2026/05/06 12:30 p.m., 18 views

EUVD-2026-27635

In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing tx_frames. wl1251_tx_packet_cb uses the firmware completion ID directly to index the fixed 16-entry wl->tx_frames array. The ID is a raw u8 from the completion block, and the callback do...

AI score 5.8 | EPSS 0.00247
Exploits 0 | References 6