Lucene search
K

12709 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/24 2:30 p.m.2 views

CVE-2026-31539

In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: introduce smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

5.4AI score0.00426EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 2:30 p.m.5 views

CVE-2026-31539

In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: introduce smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

7.5CVSS5.3AI score0.00426EPSS
Exploits0
CVE
CVE
added 2026/04/24 2:30 p.m.16 views

CVE-2026-31537

In the Linux kernel SMB server, CVE-2026-31537 arises from improper handling of smbdirect_socket.send_io.bcredits, which can corrupt the stream of reassembled data transfer messages when triggering an immediate (empty) send. The fix introduces a single batch credit per connection; code obtaining ...

5.5CVSS5.5AI score0.00121EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 2:30 p.m.6 views

CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5CVSS5.4AI score0.00121EPSS
Exploits0
EUVD
EUVD
added 2026/04/24 2:30 p.m.4 views

EUVD-2026-25428

In the Linux kernel, the following vulnerability has been resolved: smb: client: make use of smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

5.4AI score0.00088EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:30 p.m.4 views

CVE-2026-31535

In the Linux kernel, the following vulnerability has been resolved: smb: client: make use of smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

5.4AI score0.00088EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/24 1:29 a.m.7 views

SUSE CVE-2026-31532

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro-uniq use-after-free in rawrcv rawrelease unregisters raw CAN receive filters via canrxunregister, but receiver deletion is deferred with callrcu. This leaves a window where rawrcv may still be running in an RCU...

6.4CVSS5.7AI score0.00124EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/24 12:0 a.m.35 views

CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

4CVSS0.00161EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:0 a.m.3 views

CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

4CVSS5.2AI score0.00161EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2026/04/24 12:0 a.m.80 views

📄 LuaJIT 2.1.1774638290 FFI Remote Code Execution / Lua Injection

This script is a LuaJIT exploitation tool that attempts to abuse the LuaJIT FFI Foreign Function Interface to execute system commands or arbitrary shellcode on a remote Lua runtime exposed over a TCP socket. It connects to a target service, injects Lua code dynamically, and leverages unsafe FFI...

6.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.8 views

PT-2026-34894

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the x86 platform UV component where deconfigured sockets are mapped to SOCK EMPTY 0xffff. This mapping leads to a system panic during the allocation of UV hub info...

7.8CVSS5.8AI score0.00378EPSS
Exploits0References118
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.12 views

PT-2026-34968

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the USB gadget Phonet function where a USB host can cause an overflow of the skb shared info-frags array. This occurs when the host sends an unbounded sequence of...

9.8CVSS5.3AI score0.00525EPSS
Exploits0References398
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a failure in DMA mapping in the altera-tse driver, resulting in the skb objects not being release...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.7 views

PT-2026-34981

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the NFC LLCP component. In the functions nfc llcp recv hdlc and nfc llcp recv disc, when the socket state is LLCP CLOSED, the code calls release sock and...

8.8CVSS5.6AI score0.00224EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/24 12:0 a.m.5 views

CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

4CVSS5.2AI score0.00161EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

Arianna 访问控制错误漏洞

Arianna is an open-source e-book reading tool developed by KDE’s GitHub mirror. Versions of Arianna prior to 26.04.1 contained a access control error vulnerability. This vulnerability stemmed from the bookserver’s ability to allow attackers to read files by guessing the socket connection to the U...

4CVSS5.8AI score0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.13 views

PT-2026-34879

Name of the Vulnerable Software and Affected Versions bookserver in KDE Arianna versions prior to 26.04.1 Description An issue in bookserver allows attackers to read files over a socket connection by guessing a URL. Recommendations Update to version 26.04.1...

4CVSS5.2AI score0.00161EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31542

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCKEMPTY 0xffff. This causes a panic while allocating UV hub info...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References3
CVE
CVE
added 2026/04/24 12:0 a.m.14 views

CVE-2026-42095

CVE-2026-42095 affects bookserver in KDE Arianna up to version 26.04.0 (pre-26.04.1). Affected component allows an attacker with local access to read arbitrary files by guessing a URL over a socket connection, as described in the vulnerability description. Root cause: insufficient access control ...

4CVSS5.2AI score0.00161EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-35012

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the NFC PN533 component where the pn532 receive buf function may fail to allocate a fresh receive buffer before consuming bytes. If the alloc skb function fails, the...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References20
Rows per page
Query Builder