Lucene search
K

5314 matches found

CVE
CVE
added 2026/06/25 6:13 p.m.18 views

CVE-2026-56788

RTKLIB 2.4.3 is affected by an out-of-bounds read in getcodepri when processing unrecognized RINEX observation codes. Crafted RINEX files with unknown observation types trigger negative indexing into the codepris table, causing reliable crashes and potential memory disclosure of adjacent global d...

7.1CVSS5.9AI score0.00119EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 6:13 p.m.5 views

CVE-2026-56788

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table,...

7.1CVSS5.9AI score0.00119EPSS
Exploits1
Cvelist
Cvelist
added 2026/06/25 6:11 p.m.22 views

CVE-2026-56786 RTKLIB 2.4.3 - Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields. An attacker controlling an NTRIP or serial RTCM3 correction stream c...

9.8CVSS0.00422EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:11 p.m.6 views

CVE-2026-56786

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields. An attacker controlling an NTRIP or serial RTCM3 correction stream c...

9.8CVSS6.7AI score0.00422EPSS
Exploits1References3
OSV
OSV
added 2026/06/25 9:16 a.m.6 views

UBUNTU-CVE-2026-53163

In the Linux kernel, the following vulnerability has been resolved: locking/rtmutex: Skip removewaiter when waiter is not enqueued syzbot triggered the following splat in removewaiter via FUTEXCMPREQUEUEPI: KASAN: null-ptr-deref in range 0x0000000000000a88-0x0000000000000a8f...

6.8CVSS5.7AI score0.00128EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53166

In the Linux kernel, the following vulnerability has been resolved: futex/requeue: Prevent NULL pointer dereference in removewaiter on self-deadlock When FUTEXCMPREQUEUEPI requeues a non-top waiter that already owns the target PI futex, taskblocksonrtmutex returns -EDEADLK before setting...

6.8CVSS5.7AI score0.00126EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:39 a.m.13 views

CVE-2026-53259

CVE-2026-53259 (Linux kernel) fixes a race in IPv6 anycast address management. The root cause was a window where inserting an aca into the global inet6_acaddr_lst[] and its hash could be separated from the teardown path (RTNL), causing the ac_addr to be freed while still linked, i.e., a slab-use-...

7.8CVSS5.7AI score0.00123EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53231

CVE-2026-53231 (Linux kernel) : The issue affects the PHY subsystem where PHY-driven SFP cages are not supported with the genphy code. Investigations show that sfp_bus_add_upstream() for genphy can deadlock because PHY probing runs under RTNL for genphy while non-genphy drivers do not. The root c...

5.5CVSS5.8AI score0.00087EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.77 views

CVE-2026-53166

The CVE-2026-53166 issue concerns the Linux kernel futex (Fast Userspace Mutex) requeue path, where a non-top waiter that already owns a PI futex could trigger a NULL pointer dereference in remove_waiter() during self-deadlock, causing a kernel crash/DoS. Public sources describe the vulnerability...

5.8AI score0.00126EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.30 views

CVE-2026-53163 locking/rtmutex: Skip remove_waiter() when waiter is not enqueued

In the Linux kernel, the following vulnerability has been resolved: locking/rtmutex: Skip removewaiter when waiter is not enqueued syzbot triggered the following splat in removewaiter via FUTEXCMPREQUEUEPI: KASAN: null-ptr-deref in range 0x0000000000000a88-0x0000000000000a8f...

0.00128EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53163

In the Linux kernel, the following vulnerability has been resolved: locking/rtmutex: Skip removewaiter when waiter is not enqueued syzbot triggered the following splat in removewaiter via FUTEXCMPREQUEUEPI: KASAN: null-ptr-deref in range 0x0000000000000a88-0x0000000000000a8f...

5.7AI score0.00128EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/06/25 6:0 a.m.3 views

RLSA-2026:27812 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: selinux: fix overlayfs mmap and mprotect access checks CVE-2026-46054 For more details about the security issues, including the...

7CVSS5.9AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52549

Name of the Vulnerable Software and Affected Versions RTKLIB versions prior to 2.4.4 Description An out-of-bounds write occurs in the decode type1033 function because length counters are not clamped to the destination buffer size. This allows an overflow of up to 191 bytes into fixed 64-byte...

9.8CVSS6.5AI score0.00422EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52551

Name of the Vulnerable Software and Affected Versions RTKLIB versions prior to 2.4.4 Description An out-of-bounds read occurs in the getcodepri function when processing unrecognized RINEX observation codes. This happens when crafted RINEX files containing unknown observation types cause negative...

7.1CVSS5.7AI score0.00119EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52326

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the network PHY subsystem where the system attempts to set up PHY-driven SFP cages when using genphy. Because genphy does not support PHY-driver SFP cages, calling the...

6.7CVSS5.9AI score0.00087EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: smc91x: fixed a broken irq-context in PREEMPTRT When smc91x.c is built with PREEMPTRT, the following error occurs in FVPRevC: 13.055000 smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 13.062137 BUG: The workqueu...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer rtpqdm2depay: Heap-based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors...

8.8CVSS7.4AI score0.00828EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: schedext: A potential deadlock has been fixed in deferredirqworkfn. For PREEMPTRT=y kernels, deferredirqworkfn is executed in the per-cpu irqwork/ task context, and not in disable-irq. If the rq returned by containerof is the...

5.5CVSS5.9AI score0.00092EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Chromium

The use of after-free in WebRTC in Google Chrome before version 147.0.7727.55 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS8AI score0.0048EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.16 views

Astra Linux – Vulnerability in Chromium

A stack buffer overflow in WebRTC in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References3
Rows per page
Query Builder