12709 matches found
CVE-2026-31539
In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: introduce smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...
CVE-2026-31539
In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: introduce smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...
CVE-2026-31537
In the Linux kernel SMB server, CVE-2026-31537 arises from improper handling of smbdirect_socket.send_io.bcredits, which can corrupt the stream of reassembled data transfer messages when triggering an immediate (empty) send. The fix introduces a single batch credit per connection; code obtaining ...
CVE-2026-31537
In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...
EUVD-2026-25428
In the Linux kernel, the following vulnerability has been resolved: smb: client: make use of smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...
CVE-2026-31535
In the Linux kernel, the following vulnerability has been resolved: smb: client: make use of smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...
SUSE CVE-2026-31532
In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro-uniq use-after-free in rawrcv rawrelease unregisters raw CAN receive filters via canrxunregister, but receiver deletion is deferred with callrcu. This leaves a window where rawrcv may still be running in an RCU...
CVE-2026-42095
bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...
CVE-2026-42095
bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...
📄 LuaJIT 2.1.1774638290 FFI Remote Code Execution / Lua Injection
This script is a LuaJIT exploitation tool that attempts to abuse the LuaJIT FFI Foreign Function Interface to execute system commands or arbitrary shellcode on a remote Lua runtime exposed over a TCP socket. It connects to a target service, injects Lua code dynamically, and leverages unsafe FFI...
PT-2026-34894
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the x86 platform UV component where deconfigured sockets are mapped to SOCK EMPTY 0xffff. This mapping leads to a system panic during the allocation of UV hub info...
PT-2026-34968
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the USB gadget Phonet function where a USB host can cause an overflow of the skb shared info-frags array. This occurs when the host sends an unbounded sequence of...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a failure in DMA mapping in the altera-tse driver, resulting in the skb objects not being release...
PT-2026-34981
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the NFC LLCP component. In the functions nfc llcp recv hdlc and nfc llcp recv disc, when the socket state is LLCP CLOSED, the code calls release sock and...
CVE-2026-42095
bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...
Arianna 访问控制错误漏洞
Arianna is an open-source e-book reading tool developed by KDE’s GitHub mirror. Versions of Arianna prior to 26.04.1 contained a access control error vulnerability. This vulnerability stemmed from the bookserver’s ability to allow attackers to read files by guessing the socket connection to the U...
PT-2026-34879
Name of the Vulnerable Software and Affected Versions bookserver in KDE Arianna versions prior to 26.04.1 Description An issue in bookserver allows attackers to read files over a socket connection by guessing a URL. Recommendations Update to version 26.04.1...
Linux Distros Unpatched Vulnerability : CVE-2026-31542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCKEMPTY 0xffff. This causes a panic while allocating UV hub info...
CVE-2026-42095
CVE-2026-42095 affects bookserver in KDE Arianna up to version 26.04.0 (pre-26.04.1). Affected component allows an attacker with local access to read arbitrary files by guessing a URL over a socket connection, as described in the vulnerability description. Root cause: insufficient access control ...
PT-2026-35012
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the NFC PN533 component where the pn532 receive buf function may fail to allocate a fresh receive buffer before consuming bytes. If the alloc skb function fails, the...