Lucene search
+L

408984 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex/requeue: Prevent NULL pointer dereference in removewaiter on self-deadlock When FUTEXCMPREQUEUEPI requeues a non-top waiter that already owns the target P...

6AI score0.00126EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/26 11:18 p.m.30 views

pnpm: Manifest identity spoof satisfies allowBuilds and runs attacker lifecycle

Summary Keep build approval for opaque dependency sources byte-exact for GHSA-5wx6-mg75-v57r / CAND-PNPM-123. Merged upstream commit bf1b731ee6 fixed the original name-only approval bypass by making build policy consume the resolved dependency identity. One collision remained: the generic...

8.8CVSS5.8AI score0.00118EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

DEBIAN-CVE-2026-53307

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.10 views

CVE-2026-53295

In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/06/26 8:17 p.m.2 views

DEBIAN-CVE-2026-53296

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:41 p.m.32 views

CVE-2026-53322 vfio/pci: Clean up DMABUFs before disabling function

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfiopcicoreclosedevice call vfiopcidmabufcleanup before the function is disabled via vfiopcicoredisable. This ensures that all access via DMABUFs is...

8.8CVSS0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:41 p.m.14 views

EUVD-2026-39858

In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...

5.8AI score0.0009EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/26 7:41 p.m.6 views

CVE-2026-53307

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fully validate 'pinmux' property The pinconfgenericparsedtpinmux assumes that the 'pinmux' property is not empty when present. This might be not true. With that, the allocator will give a special value i...

5.5CVSS5.7AI score0.00112EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.7 views

CVE-2026-53295

In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.9 views

CVE-2026-53293

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g. copytouser was called while holding the lock. Then we allocated memory...

5.5CVSS5.7AI score0.00095EPSS
Exploits0
OSV
OSV
added 2026/06/26 7:40 p.m.2 views

CVE-2026-53279 drm/gma500/oaktrail_lvds: fix hang on init failure

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/06/26 2:14 a.m.8 views

SUSE CVE-2026-52972

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to 0x80000000...

7.8CVSS5.8AI score0.00144EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.16 views

PT-2026-52934

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mailbox component where the system fails to perform a sanity check for the channel array. If no channel array is attached to the mailbox controller, a subsequent...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.19 views

PT-2026-52946

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the pinconf generic parse dt pinmux function where it assumes the pinmux property is not empty when present. If the pinmux property is empty, the allocator returns a...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References16
EUVD
EUVD
added 2026/06/25 8:38 a.m.10 views

EUVD-2026-39267

In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISERHEADERSLEN In drivers/infiniband/ulp/isert/ibisert.c, isertloginrecvdone computes the login request payload length as wc-bytelen minus ISERHEADERSLEN with no lower bound, and loginreql...

6AI score0.00742EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:38 a.m.14 views

CVE-2026-53171

The CVE affects the Linux kernel’s accel/ethosu driver. The dma_length() function can under- or overflow while deriving DMA region usage, causing region_size[] to be under-reported and potentially bypassing bounds checks in ethosu_job.c. The issue arises from arithmetic in len calculations, signe...

8.8CVSS6AI score0.00137EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.5 views

PT-2026-52279

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Multipath TCP MPTCP implementation where the window field in the TCP header refers to the MPTCP-level rcv nxt. Because the TCP stack independently prevents the...

8.7CVSS6AI score0.00506EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52604

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists in the EVP DigestVerifyFinal function where a zero-length tag could be accepted as valid during HMAC Hash-based Message Authentication Code...

7.5CVSS5.7AI score0.00147EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/24 6:32 p.m.8 views

EUVD-2026-38871

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

5.7AI score0.00508EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/24 6:32 p.m.8 views

EUVD-2026-38849

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

5.8AI score0.00539EPSS
Exploits0References7
Rows per page
Query Builder