Lucene search
K

2452 matches found

Cvelist
Cvelist
added 2026/06/25 8:38 a.m.27 views

CVE-2026-53183 mptcp: allow subflow rcv wnd to shrink

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

7.5CVSS0.00506EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39274

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

5.7AI score0.00506EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:38 a.m.20 views

CVE-2026-53183

CVE-2026-53183 affects the Linux kernel MPTCP implementation. The issue allows the TCP subflow receive window to shrink independently of the netns, which can inflate the MPTCP receive window and cause incoming data to exceed the receiver’s rcvbuf, potentially leading to DoS or a system becoming u...

7.5CVSS5.7AI score0.00506EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52311

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mvpp2 driver where the XDP path initializes every xdp buff with PAGE SIZE as the frame size, regardless of whether the buffer is from a short or long BM pool...

9.8CVSS6.2AI score0.00546EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52310

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mvpp2 network driver where the RX error path returns the current descriptor buffer to the hardware Buffer Manager BM pool. This action is only valid while the driv...

9.8CVSS6.1AI score0.00546EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52298

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where firmware-supplied data size is cast to a signed integer before being processed by the min t function. When large unsigned values greater...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We onl...

9.8CVSS5.6AI score0.00377EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 9:16 p.m.8 views

CVE-2026-52811

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target osx.IsSymlinktargetPath. The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component —...

9CVSS0.00474EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 9:16 p.m.7 views

CVE-2026-52810

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git smart HTTP authorizes POST …/git-receive-pack using the client-supplied service query string so ?service=git-upload-pack is evaluated as read access while routing still runs git receive-pack, allowing push where only read should...

7.1CVSS0.00427EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 8:30 p.m.19 views

CVE-2026-52810 Gogs: Write to readonly repositories using receive-pack + service=git-upload-pack confusion

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git smart HTTP authorizes POST …/git-receive-pack using the client-supplied service query string so ?service=git-upload-pack is evaluated as read access while routing still runs git receive-pack, allowing push where only read should...

7.1CVSS0.00427EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 8:30 p.m.9 views

CVE-2026-52810

CVE-2026-52810 affects Gogs (Git self-hosted) where the authorization policy is derived from the client-supplied service parameter (e.g., service=git-upload-pack) instead of the actual RPC path. Consequently, requests to the write endpoint /repo.git/git-receive-pack can be treated as read, while ...

7.1CVSS5.9AI score0.00427EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:30 p.m.6 views

CVE-2026-52810

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Git smart HTTP authorizes POST …/git-receive-pack using the client-supplied service query string so ?service=git-upload-pack is evaluated as read access while routing still runs git receive-pack, allowing push where only read should...

7.1CVSS5.9AI score0.00427EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38842

In the Linux kernel, the following vulnerability has been resolved: net: tls: fix strparser anchor skb leak on offload RX setup failure When tlssetdeviceoffloadrx fails at tlsdevadd, the error path calls tlsswfreeresourcesrx to clean up the SW context that was initialized by tlssetswoffload. This...

5.8AI score0.00506EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38813

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

5.8AI score0.00307EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.13 views

CVE-2026-53006

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS0.00377EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/24 4:30 p.m.8 views

EUVD-2026-38950

In the Linux kernel, the following vulnerability has been resolved: net: hamradio: 6pack: fix uninit-value in sixpackreceivebuf sixpackreceivebuf does not properly skip bytes with TTY error flags. The while loop iterates through the flags buffer but never advances the data pointer cp, and passes...

6AI score0.00164EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38941

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling hu-proto-closehu and setting hu-hdev to NULL. This means incoming UART data will...

5.8AI score0.00172EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.27 views

CVE-2026-53006 ipv6: fix possible UAF in icmpv6_rcv()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS0.00377EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:29 p.m.14 views

CVE-2026-53006

The CVE-2026-53006 entry concerns a Use-After-Free in the Linux kernel IPv6 path (icmpv6_rcv) caused by caching IPv6 saddr/daddr before pskb_pull(), since skb->head can change. The fix removes temporary variables and ensures access to &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr only ...

9.8CVSS5.7AI score0.00377EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 4:29 p.m.18 views

CVE-2026-52989

CVE-2026-52989 affects the Linux kernel nvmet-tcp component. The root cause is that nvmet_tcp_build_pdu_iovec() detects out-of-bounds PDU length/offset but does not propagate the error to callers; it returns void and triggers nvmet_tcp_fatal_error(cmd->queue) without alerting the caller, leavi...

9.8CVSS5.7AI score0.00342EPSS
Exploits0References9
Rows per page
Query Builder