Lucene search
K

2886 matches found

FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.6 views

FreeBSD -- Missing permission check in thr_kill2(2)

Problem Description: When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the...

5.5CVSS5.6AI score0.00092EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/08 6:34 p.m.10 views

CVE-2026-46307

A flaw was found in the Linux kernel's ath5k Wi-Fi driver. This vulnerability allows for an array-index-out-of-bounds write in the ath5ktasklettx function. An attacker could potentially trigger this by manipulating specific index values, leading to a minor data corruption. The immediate impact of...

8.3CVSS5.5AI score0.0022EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.11 views

CVE-2025-47407

Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level...

7.8CVSS5.5AI score0.00054EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.9 views

CVE-2026-21997

Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications component: Common Core. Supported versions that are affected are 9.2.1-9.2.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Lif...

8.5CVSS7.4AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.9 views

CVE-2026-6272

A client holding only a read JWT scope can still register itself as a signal provider through the production kuksa.val.v2 OpenProviderStream API by sending ProvideSignalRequest. 1. Obtain any valid token with only read scope. 2. Connect to the normal production gRPC API kuksa.val.v2. 3. Open...

8.5CVSS5.5AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.11 views

CVE-2026-39959

Tmds.DBus provides .NET libraries for working with D-Bus from .NET. Tmds.DBus and Tmds.DBus.Protocol are vulnerable to malicious D-Bus peers. A peer on the same bus can spoof signals by impersonating the owner of a well-known name, exhaust system resources or cause file descriptor spillover by...

7.1CVSS5.5AI score0.00124EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/03 7:37 p.m.7 views

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS6.6AI score0.00168EPSS
Exploits0References5
OSV
OSV
added 2026/06/03 1:16 a.m.7 views

UBUNTU-CVE-2026-9516

Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decodejson advances the input scalar's string pointer past the mark with SvPVset and restores it only on the normal return...

7.5CVSS5.4AI score0.00375EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/03 12:15 a.m.8 views

CVE-2026-9516

Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decodejson advances the input scalar's string pointer past the mark with SvPVset and restores it only on the normal return...

7.5CVSS5.9AI score0.00375EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the UR...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/02 10:0 a.m.11 views

Malicious code in bt-signal-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d56152c37c3a078b771d2578dd86495783b51b886c96aa7ebb66a7ec36d72a24 During import, package exfiltrates environment variables and cloud tokens to a hardcoded location. --- Category: MALICIOUS - The campaign has clearly malicious...

5.8AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/01 10:35 p.m.14 views

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS6.6AI score0.00168EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/01 10:5 p.m.28 views

CVE-2026-25260 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service

Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...

7.8CVSS0.00052EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 10:5 p.m.31 views

CVE-2026-25259 Out-of-bounds Write in DSP Service

Memory corruption while processing multiple IOCTL command for escape operations...

7.8CVSS0.0007EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 5:16 p.m.12 views

CVE-2026-37222

FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...

7.5CVSS0.00428EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 5:16 p.m.13 views

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

7.5CVSS0.00437EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 5:16 p.m.12 views

CVE-2026-37227

FlexRIC v2.0.0 contains reachable assert0 calls in stub message handlers for whitelisted but unimplemented E2AP message types in the near-RT RIC. A remote unauthenticated attacker can send a decodable E2AP PDU of such a type e.g., E2nodeConfigurationUpdate to crash the near-RT RIC process port...

7.5CVSS0.00415EPSS
Exploits0References2
OSV
OSV
added 2026/06/01 1:1 p.m.3 views

SUSE-SU-2026:21946-1 Security update for libsoup

This update for libsoup fixes the following issue - CVE-2026-4271: use-after-free in the HTTP/2 server when user signal handlers disconnect connections during callback execution bsc1259767...

7.5CVSS5.9AI score0.00829EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.28 views

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

0.00437EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.31 views

CVE-2026-37227

FlexRIC v2.0.0 contains reachable assert0 calls in stub message handlers for whitelisted but unimplemented E2AP message types in the near-RT RIC. A remote unauthenticated attacker can send a decodable E2AP PDU of such a type e.g., E2nodeConfigurationUpdate to crash the near-RT RIC process port...

0.00415EPSS
Exploits0References2
Rows per page
Query Builder