Lucene search
K

2088 matches found

cvelist
cvelist
added 2026/05/01 2:14 p.m.31 views

CVE-2026-31765 drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

0.00122EPSS
Exploits0References4
debiancve
debiancve
added 2026/05/01 2:14 p.m.4 views

CVE-2026-31765

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/05/01 12:0 a.m.7 views

PT-2026-36400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPU VA RESERVED TRAP SIZE to 64KB Currently, AMDGPU VA RESERVED TRAP SIZE is hardcoded to 8KB, while KFD CWSR TBA TMA SIZE is defined as 2 PAGE SIZE. On systems with 4K pages, both values match 8KB, so...

5.8AI score0.00122EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/04/30 4:30 p.m.5 views

CVE-2025-13890

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-12494. Reason: This candidate is a reservation duplicate of CVE-2025-12494. Notes: All CVE users should reference CVE-2025-12494 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

4.3CVSS5.3AI score0.00215EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/04/24 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the hash calculation of the fault mutex lock in the mmuserfaultfd mechanism. This err...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/04/21 1:22 a.m.7 views

CVE-2026-29642

A local attacker who can execute privileged CSR operations or can induce firmware to do so performs carefully crafted reads/writes to menvcfg e.g., csrrs in M-mode. On affected XiangShan versions commit aecf601e803bfd2371667a3fb60bfcd83c333027, 2024-11-19, these menvcfg accesses can unexpectedly...

7.8CVSS5.8AI score0.00112EPSS
Exploits0References1
nessus
nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013360)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013360 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/mm/identmap: Use gbpages only where full GB page should be mapped. When identpudinit uses onl...

5.5CVSS6.7AI score0.0022EPSS
Exploits0References3
snyk
snyk
added 2026/04/17 10:20 p.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the service invocation access control process. An attacker can bypass access control policies and invoke unauthorized methods by submitting specially crafted method paths containing encoded path traversal...

8.6CVSS5.8AI score0.00325EPSS
Exploits0References3
snyk
snyk
added 2026/04/17 10:20 p.m.3 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the service invocation access control process. An attacker can bypass access control policies and invoke unauthorized methods by submitting specially crafted method paths containing encoded path traversal...

8.6CVSS5.8AI score0.00325EPSS
Exploits0References3
snyk
snyk
added 2026/04/17 10:20 p.m.4 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the service invocation access control process. An attacker can bypass access control policies and invoke unauthorized methods by submitting specially crafted method paths containing encoded path traversal...

8.6CVSS5.8AI score0.00325EPSS
Exploits0References3
snyk
snyk
added 2026/04/17 10:20 p.m.2 views

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the service invocation access control process. An attacker can bypass access control policies and invoke unauthorized methods by submitting specially crafted method paths containing encoded path traversal...

8.6CVSS5.8AI score0.00325EPSS
Exploits0References3
cvelist
cvelist
added 2026/04/07 10:11 p.m.21 views

CVE-2026-39936 Stored XSS in Score due to usage of non-reserved data attributes

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43,...

6.9CVSS0.00268EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/03/26 3:17 p.m.5 views

CVE-2026-32019

OpenClaw versions prior to 2026.2.22 contain incomplete IPv4 special-use range validation in the isPrivateIpv4 function, allowing requests to RFC-reserved ranges to bypass SSRF policy checks. Attackers with network reachability to special-use IPv4 ranges can exploit webfetch functionality to acce...

7.4CVSS5.8AI score0.00206EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/25 11:26 p.m.5 views

CVE-2026-23335

A flaw was found in the Linux kernel's RDMA/irdma component. This vulnerability, located in the irdmacreateuserah function, is caused by uninitialized reserved memory. An attacker could potentially exploit this to leak 4 bytes of sensitive stack memory, leading to information disclosure...

3.3CVSS5.7AI score0.00123EPSS
Exploits0References4
susecve
susecve
added 2026/03/25 4:56 p.m.8 views

SUSE CVE-2026-23335

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

3.3CVSS5.7AI score0.00123EPSS
Exploits0References15
nvd
nvd
added 2026/03/25 11:16 a.m.6 views

CVE-2026-23352

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

5.5CVSS0.00125EPSS
Exploits0References9
attackerkb
attackerkb
added 2026/03/25 10:27 a.m.5 views

CVE-2026-23352

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

5.5AI score0.00125EPSS
Exploits0References10Affected Software1
cve
cve
added 2026/03/25 10:27 a.m.18 views

CVE-2026-23335

CVE-2026-23335: Linux kernel RDMA/irdma create_user_ah() leak resolved. Root cause: the irdma_create_ah_resp struct contained 4 bytes (rsvd) that were never zeroed, leaking stack memory prior to ib_respond_udata(). Affected code paths thus exposed uninitialized stack content (4 bytes) in the resp...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References7Affected Software1
osv
osv
added 2026/03/23 6:14 p.m.5 views

GO-2026-4746 Mattermost fails to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation in github.com/mattermost/mattermost-server

Mattermost fails to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

4.3CVSS5.8AI score0.00165EPSS
Exploits0References4
nvd
nvd
added 2026/03/19 10:16 p.m.5 views

CVE-2026-32019

OpenClaw versions prior to 2026.2.22 contain incomplete IPv4 special-use range validation in the isPrivateIpv4 function, allowing requests to RFC-reserved ranges to bypass SSRF policy checks. Attackers with network reachability to special-use IPv4 ranges can exploit webfetch functionality to acce...

7.4CVSS0.00206EPSS
Exploits0References6
Rows per page
Query Builder