Lucene search
K

6078 matches found

Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.3 views

CVE-2026-53134

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftfib: fix stale stack leak via the OIFNAME register For NFTFIBRESULTOIFNAME the destination register is declared with len = IFNAMSIZ four 32-bit registers, but on the lookup-fail, RTNLOCAL and oif-mismatch paths...

5.5CVSS5.7AI score0.00176EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52313

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter module where the nft exthdr init function passes a user-controlled priv-len variable to nft parse register store, which marks a specific number of bytes ...

5.5CVSS6AI score0.00128EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52305

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the register shm helper function. The function allocates shared memory shm before calling iov iter npages. If iov iter npages returns 0, the function incorrectly...

6.8CVSS6AI score0.00127EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38900

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL deref in mapkptrmatchtype for scalar regs Commit ab6c637ad027 "bpf: Fix a bpfkptrxchg issue with local kptr" refactored mapkptrmatchtype to branch on btfiskernel before checking basetype. A scalar register stored in...

5.7AI score0.00168EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38999

Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...

8.8CVSS6AI score0.00406EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.11 views

CVE-2026-53092

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

7.8CVSS0.00125EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53078

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix same-register dst/src OOB read and pointer leak in sockops When a BPF sockops program accesses ctx fields with dstreg == srcreg, the SOCKOPSGETSK and SOCKOPSGETFIELD macros fail to zero the destination register in the...

7.8CVSS0.00112EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53045

In the Linux kernel, the following vulnerability has been resolved: memory: tegra124-emc: Fix dllchange check The code checking whether the specified memory timing enables DLL in the EMRS register was reversed. DLL is enabled if bit A0 is low. Fix the check...

9.8CVSS0.00521EPSS
Exploits0References8
NVD
NVD
added 2026/06/24 5:16 p.m.6 views

CVE-2026-13164

Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...

8.8CVSS0.00406EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.32 views

CVE-2026-53092 bpf: Fix linked reg delta tracking when src_reg == dst_reg

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

7.8CVSS0.00125EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38960

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

5.5AI score0.00125EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:30 p.m.16 views

CVE-2026-53092

CVE-2026-53092 affects the Linux kernel’s BPF subsystem . The root cause is in register delta tracking when the same source and destination registers are used (e.g., rX += rX). In adjust_reg_min_max_vals(), the code mutates the destination in-place, and later, when evaluating the source register,...

7.8CVSS5.5AI score0.00125EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38946

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix same-register dst/src OOB read and pointer leak in sockops When a BPF sockops program accesses ctx fields with dstreg == srcreg, the SOCKOPSGETSK and SOCKOPSGETFIELD macros fail to zero the destination register in the...

5.7AI score0.00112EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.26 views

CVE-2026-53078 bpf: Fix same-register dst/src OOB read and pointer leak in sock_ops

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix same-register dst/src OOB read and pointer leak in sockops When a BPF sockops program accesses ctx fields with dstreg == srcreg, the SOCKOPSGETSK and SOCKOPSGETFIELD macros fail to zero the destination register in the...

7.8CVSS0.00112EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38941

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling hu-proto-closehu and setting hu-hdev to NULL. This means incoming UART data will...

5.8AI score0.00172EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38933

In the Linux kernel, the following vulnerability has been resolved: ASoC: sti: use managed regmapfield allocations The regmapfield objects allocated at player init are never freed and may leak resources if the driver is removed. Switch to devmregmapfieldalloc to automatically limit the lifetime o...

5.7AI score0.00172EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:29 p.m.5 views

EUVD-2026-38919

In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on When PERST is deasserted twice assert - deassert - assert - deassert, a CBB Control Backbone timeout occurs at DBI register offset 0x8bc PCIEMISCCONTROL1OFF...

5.7AI score0.00175EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-53045

CVE-2026-53045 concerns the Linux kernel memory subsystem, specifically the tegra124-emc component. The issue is that the check to determine whether DLL (Delay-Locked Loop) is enabled in the EMRS register was reversed: DLL is actually enabled when bit A0 is low. A fix to the check was applied in ...

9.8CVSS5.8AI score0.00521EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:29 p.m.3 views

EUVD-2026-38913

In the Linux kernel, the following vulnerability has been resolved: memory: tegra124-emc: Fix dllchange check The code checking whether the specified memory timing enables DLL in the EMRS register was reversed. DLL is enabled if bit A0 is low. Fix the check...

5.8AI score0.00521EPSS
Exploits0References8
NVD
NVD
added 2026/06/24 4:16 p.m.10 views

CVE-2026-49269

Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...

8.6CVSS0.00303EPSS
Exploits0References1
Rows per page
Query Builder