Lucene search
K

148 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel through version 5.11.x. The kernel/bpf/verifier.c file contains unwanted out-of-bounds speculation during pointer arithmetic operations, which allows for side-channel attacks that circumvent Spectre mitigations and extract sensitive information from kern...

5.5CVSS6.4AI score0.01071EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/09 6:45 p.m.18 views

CVE-2026-34971 Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift

Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...

9CVSS0.00319EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001549 advisory. An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out- of-bounds speculation on pointer arithmetic, leading to...

4.7CVSS6.9AI score0.00565EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004786)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004786 advisory. The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by usi...

5.6CVSS6.7AI score0.01377EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2020-19694

Malware in sbrugna...

4.7CVSS7AI score0.00565EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414671 advisory. An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds...

6CVSS6.9AI score0.00577EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9793

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disabled. This...

5.9CVSS7.5AI score0.0163EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2024/06/27 1:47 p.m.1096 views

Exploit for Out-of-bounds Write in Mozilla Firefox

CVE-2024-29943 A Pwn2Own SpiderMonkey JIT Bug: From Integer R...

9.8CVSS9.4AI score0.22935EPSS
Exploits2
OSV
OSV
added 2024/04/19 1:23 p.m.6 views

USN-6739-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Wei Chen discovered that a race condition existed in the TIPC protocol implementation in...

7.8CVSS6.8AI score0.01377EPSS
Exploits4References18
Tenable Nessus
Tenable Nessus
added 2024/03/21 12:0 a.m.30 views

EulerOS Virtualization 2.9.1 : mozjs60 (EulerOS-SA-2024-1458)

According to the versions of the mozjs60 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an...

9.3CVSS8.5AI score0.37951EPSS
Exploits8References6
OpenVAS
OpenVAS
added 2024/03/21 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1473)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.3AI score0.37951EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2024/03/21 12:0 a.m.29 views

EulerOS Virtualization 2.9.0 : mozjs60 (EulerOS-SA-2024-1473)

According to the versions of the mozjs60 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an...

9.3CVSS8.5AI score0.37951EPSS
Exploits8References6
OSV
OSV
added 2024/03/20 10:11 p.m.5 views

USN-6701-2 linux-gcp, linux-gcp-4.15 vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS6.9AI score0.28058EPSS
Exploits18References13
OSV
OSV
added 2024/03/18 11:43 p.m.8 views

USN-6701-1 linux, linux-aws, linux-hwe, linux-kvm, linux-oracle vulnerabilities

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service bluetooth communication. CVE-2023-2002 It was discovered that the NVIDIA Tegra...

7.8CVSS6.9AI score0.28058EPSS
Exploits18References13
OpenVAS
OpenVAS
added 2024/02/09 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for mozjs60 (EulerOS-SA-2024-1201)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.3AI score0.37951EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.30 views

EulerOS 2.0 SP9 : mozjs60 (EulerOS-SA-2024-1181)

According to the versions of the mozjs60 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable cras...

9.3CVSS8.5AI score0.37951EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2024/02/08 12:0 a.m.28 views

EulerOS 2.0 SP9 : mozjs60 (EulerOS-SA-2024-1201)

According to the versions of the mozjs60 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable cras...

9.3CVSS8.5AI score0.37951EPSS
Exploits8References6
OSV
OSV
added 2024/01/09 6:41 p.m.12 views

USN-6548-4 linux-gkeop vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS6.8AI score0.09141EPSS
Exploits4References11
OSV
OSV
added 2023/12/13 2:9 p.m.11 views

USN-6548-3 linux-oracle vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS6.8AI score0.09141EPSS
Exploits4References11
OSV
OSV
added 2023/12/12 8:36 p.m.6 views

USN-6548-2 linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...

8.8CVSS6.8AI score0.09141EPSS
Exploits4References11
Rows per page
Query Builder