CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/08 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from deadlock issues during runtime in accel amdxdna, leading to pending tasks being stuck and...

5.5CVSS5.8AI score0.00014EPSS

SUSE CVE•added 2026/04/16 11:28 p.m.•1 views

SUSE CVE-2026-33212

Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have access to given scope. The attacker needs to brute-force the random UUID of the task, so...

3.1CVSS5.7AI score0.00011EPSS

Exploits0References3

Github Security Blog•added 2026/04/16 8:41 p.m.•3 views

Weblate: Improper access control for pending tasks in API

Impact The API for tasks didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have access to given scope. Patches https://github.com/WeblateOrg/weblate/pull/18515 Workarounds The attacker needs to guess the random UUID of the task, so...

Exploits0References5Affected Software1

EUVD•added 2026/04/16 8:41 p.m.•1 views

EUVD-2026-22997

Weblate: Improper access control for pending tasks in API...

OSV•added 2026/04/16 8:41 p.m.•0 views

Exploits0References4

GHSA-VJ45-X3PJ-F4W4 Weblate: Improper access control for pending tasks in API

CVE•added 2026/04/15 5:48 p.m.•2 views

CVE-2026-33212

CVE-2026-33212 affects Weblate (web-based localization tool). The vulnerability lies in the tasks API where, in versions prior to 5.17, access control for pending tasks was not enforced, potentially exposing in-progress task logs to users without the proper scope. The attack requires brute-forcin...

Exploits0References2Affected Software1

Cvelist•added 2026/04/15 5:48 p.m.•14 views

CVE-2026-33212 Weblate: Improper access control for pending tasks in API

3.1CVSS0.00011EPSS

Vulnrichment•added 2026/04/15 5:48 p.m.•1 views

CVE-2026-33212 Weblate: Improper access control for pending tasks in API

Positive Technologies•added 2026/04/15 12:0 a.m.•3 views

PT-2026-33113

CNNVD•added 2026/03/25 12:0 a.m.•2 views

Exploits0References4

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to cancel pending tasks after clearing deferredqc, potentially leading to the triggering of...

5.5CVSS6AI score0.00017EPSS

Tenable Nessus•added 2026/01/22 12:0 a.m.•2 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37994)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37994 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL...

5.5CVSS6.8AI score0.00119EPSS

CNNVD•added 2026/01/13 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unsynchronized pending tasks in the device removal path, which could lead to reuse after release...

7.8CVSS6.4AI score0.00021EPSS

RedHat Linux•added 2025/11/11 9:13 a.m.•2 views

kernel: usb: typec: ucsi: displayport: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to finish executing before proceeding with the partner removal...

5.5CVSS6.8AI score0.00119EPSS