Lucene search
K

20 matches found

CVE
CVE
added yesterday7 views

CVE-2026-15641

Technical details (affected products, components, versions, root cause, or exploit info) are not publicly available in the provided documents. Monitor for updates from vendors and CVE feeds.

7.1CVSS6.1AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.15 views

SUSE CVE-2026-43119

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...

5.8CVSS5.9AI score0.00114EPSS
Exploits0References12
EUVD
EUVD
added 2026/05/06 12:30 p.m.11 views

EUVD-2026-27647

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...

5.9AI score0.00114EPSS
Exploits0References5
NVD
NVD
added 2026/05/06 10:16 a.m.33 views

CVE-2026-43119

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...

5.5CVSS0.00114EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.6 views

CVE-2026-43119

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/06 7:40 a.m.2 views

CVE-2026-43119 Bluetooth: hci_sync: annotate data-races around hdev->req_status

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from concurrent access to the hdev-reqstatus field without using the READONCE/WRITEONCE annotation,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.18 views

PT-2026-37429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Bluetooth component involving the hdev-req status variable. While hci cmd sync sk modifies this variable under the hdev-req lock, other functions—including hci...

5.5CVSS5.9AI score0.00114EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/16 12:47 a.m.4 views

SUSE CVE-2010-4326

Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long 1 REQUEST-STATUS, 2 TZNAME, 3 COMMENT, or 4 RRULE variable in this message...

10CVSS6.4AI score0.10245EPSS
Exploits0References4
NVD
NVD
added 2026/01/17 3:16 a.m.18 views

CVE-2025-14450

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...

6.5CVSS0.00214EPSS
Exploits0References4
NVD
NVD
added 2025/05/01 3:15 p.m.18 views

CVE-2022-49765

In the Linux kernel, the following vulnerability has been resolved: net/9p: use a dedicated spinlock for transfd Shamelessly copying the explanation from Tetsuo Handa's suggested patch1 slightly reworded: syzbot is reporting inconsistent lock state in p9reqput2, for p9tagremove from p9reqput from...

5.5CVSS0.00124EPSS
Exploits0References3
OSV
OSV
added 2025/05/01 2:9 p.m.12 views

CVE-2022-49765 net/9p: use a dedicated spinlock for trans_fd

In the Linux kernel, the following vulnerability has been resolved: net/9p: use a dedicated spinlock for transfd Shamelessly copying the explanation from Tetsuo Handa's suggested patch1 slightly reworded: syzbot is reporting inconsistent lock state in p9reqput2, for p9tagremove from p9reqput from...

5.5CVSS5AI score0.00124EPSS
Exploits0References6
Code423n4
Code423n4
added 2022/03/30 12:0 a.m.13 views

Borrower funds can get stuck

Lines of code Vulnerability details Impact If request status is expired then full borrower collateral amount will get stuck as withdrawableCollateral will always be 0 even though borrower has repaid 90% of the amount Proof of Concept 1. User A deposit collateral against his request using...

7AI score
Exploits0
Veracode
Veracode
added 2020/04/10 12:28 a.m.34 views

CRLF Injection

Xterm is vulnerable to CRLF Injection. A flaw was found in the xterm handling of Device Control Request Status String DECRQSS escape sequences. An attacker could create a malicious text file or log entry, if unfiltered that could run arbitrary commands if read by a victim inside an xterm window...

9.3CVSS3AI score0.04974EPSS
Exploits0References32Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/03/17 12:0 a.m.14 views

Fedora 20 : ReviewBoard-1.7.22-2.fc20 (2014-3446)

New upstream security release 1.7.22 - http://www.reviewboard.org/docs/releasenotes/reviewboa rd/1.7.22/ - Security Fixes : - An XSS vulnerability was found in the Search field's auto-complete. - New Features : - Added support for anonymous access to public Local Sites. - Added support for...

5.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.24 views

CentOS Update for xterm-215-5.el5 CESA-2009:0018 centos5 i386

Check for the Version of xterm-215-5.el5 OpenVAS Vulnerability Test CentOS Update for xterm-215-5.el5 CESA-2009:0018 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

9.3CVSS7.4AI score0.04974EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/01/16 12:0 a.m.57 views

Fedora 9 : xterm-238-1.fc9 (2009-0059)

This update fixes the following security issue: CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related...

9.3CVSS5.5AI score0.04974EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/01/07 12:0 a.m.55 views

Fedora Core 9 FEDORA-2009-0059 (xterm)

The remote host is missing an update to xterm announced via advisory FEDORA-2009-0059. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

9.3CVSS7.6AI score0.04974EPSS
Exploits0References2
Prion
Prion
added 2009/01/02 6:11 p.m.24 views

Crlf injection

CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071...

9.3CVSS7.9AI score0.04974EPSS
Exploits0References28
Cvelist
Cvelist
added 2009/01/02 12:0 a.m.37 views

CVE-2008-2383

CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF aka \n characters surrounding a command name within a Device Control Request Status String DECRQSS escape sequence in a text file, a related issue to CVE-2003-0063 and CVE-2003-0071...

8.3AI score0.04974EPSS
Exploits0References28
Rows per page
Query Builder