Lucene search
K

24000 matches found

Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.13 views

CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

7.5CVSS5.8AI score0.00451EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.31 views

CVE-2026-43217 media: iris: gen2: Add sanity check for session stop

In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...

0.00126EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/06 9:57 a.m.10 views

CVE-2026-43070

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter verifier. The verifier fails to correctly reset a register's ID after a BPFEND byte swap operation. This oversight can lead to the verifier incorrectly propagating learned memory bounds to other registers, creating false confidence...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References4
CVE
CVE
added 2026/05/06 7:40 a.m.28 views

CVE-2026-43113

In the Linux kernel, CVE-2026-43113 affects the wl1251 Wi‑Fi driver. The function wl1251_tx_packet_cb() uses the firmware completion ID (a raw u8) to index a fixed 16-entry wl->tx_frames[] array without validating that the ID fits. The callback can dereference out-of-range IDs. The fix rejects...

8.8CVSS5.8AI score0.00247EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 7:40 a.m.5 views

CVE-2026-43113

In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...

8.8CVSS5.7AI score0.00247EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.4 views

CVE-2026-43080

In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...

5.8AI score0.00122EPSS
Exploits0References6Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.9 views

SUSE CVE-2026-31779

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwlmvmndmatchinfohandler The memcpy function assumes the dynamic array notif-matches is at least as large as the number of bytes to copy. Otherwise, results-matches may...

8.1CVSS5.8AI score0.00271EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.11 views

SUSE CVE-2026-43009

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src register or r0 for BPFCMPXCHG also acts as a destination, thus receiving th...

5.5CVSS5.7AI score0.00134EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.7 views

SUSE CVE-2026-43030

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe for pointers to packet In case rold-reg-range == BEYONDPKTEND && rcur-reg-range == N regsafe may return true which may lead to current state with valid packet range not being explored. Fix the bug...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-37557

In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iris kill session, inst-state is set to IRIS INST ERROR and session close is executed, which will kfreeinst hfi gen2-packet. If stop streaming is called afterward, it will...

5.8AI score0.00126EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

RHEL 8 : corosync (RHSA-2026:14216)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14216 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.9 views

PT-2026-37594

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpn tcp recv, we receive large cloned skbs from strp rcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...

5.7AI score0.00451EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-38280

Name of the Vulnerable Software and Affected Versions Netty versions 4.2.0.Final through 4.2.12.Final Description Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed. This occurs when a connection has ALLOW HALF CLOSURE enabled or is in a...

7.5CVSS5.9AI score0.00408EPSS
Exploits0References318
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

AlmaLinux 8 : corosync (ALSA-2026:13657)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13657 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References4
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with header offset overflow and protocol header misalignment during the extraction of data...

7.5CVSS5.9AI score0.00451EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.10 views

PT-2026-37526

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap buffer overflow exists in the ioam6 fill trace data function. The function relies on the nodelen field from incoming packets to determine the amount of data to write for each node...

9.8CVSS6AI score0.00642EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

RHEL 8 : corosync (RHSA-2026:14214)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14214 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

8.2CVSS5.9AI score0.00994EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Reset register ID for BPFEND value tracking When a register undergoes a BPFEND byte swa...

7.8CVSS6.4AI score0.00118EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/05 9:14 p.m.36 views

Hysteria: A specially constructed quic package can crash the server OOM when the sniff is enabled

Summary A specially constructed quic package can crash the server OOM when the sniff is enabled. Details When the server has sniff enabled, a valid connection can request the server to forward UDP traffic and construct a huge crypto length. The server will allocate memory according to this length...

5.8AI score
Exploits0References2Affected Software1
NVD
NVD
added 2026/05/05 4:16 p.m.8 views

CVE-2026-43070

In the Linux kernel, the following vulnerability has been resolved: bpf: Reset register ID for BPFEND value tracking When a register undergoes a BPFEND byte swap operation, its scalar value is mutated in-place. If this register previously shared a scalar ID with another register e.g., after an r1...

7.8CVSS0.00118EPSS
Exploits0References3
Rows per page
Query Builder