Lucene search
K

548 matches found

OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53239

In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix use-after-free on inexact bin in xfrmpolicybyselctx Fix the race by pruning the bin while still holding xfrmpolicylock, before dropping it. Use xfrmpolicyinexactprunebin directly since the lock is already held...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:39 a.m.11 views

EUVD-2026-39191

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...

5.8AI score0.00418EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53197

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.7AI score0.00097EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53158 misc: fastrpc: Fix NULL pointer dereference in rpmsg callback

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix NULL pointer dereference in rpmsg callback A NULL pointer dereference was observed on Hawi at boot when the DSP sends a glink message before fastrpcrpmsgprobe has completed initialization: Unable to handle kern...

0.00176EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: Use spinlockirqsave in adjustinuseandcalccost. The adjustinuseandcalccost function uses spinlockirq, and IRQ will be enabled when unlocking. A DEADLOCK may occur if other locks are held and IRQs are disabled before...

5.9AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SELinux: The use of both GFPKERNEL and GFPATOMIC in convertcontext was enabled. The following warning was triggered in a hardware environment: SELinux: Converting 162 SID table entries... BUG: The sleeping function was called...

6AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Use spinlock to avoid hangs. 14696.634553 Task: cat State: D Stack: 0 PID:1613738 PPID:1613735 Flags:0x00000004 14696.638285 Call Trace: 14696.639038 14696.640032 schedule+0x302/0x930 14696.640969 schedule+0x58/0xd0...

5.5CVSS6AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: Fixed a race condition when vmap stack overflow occurs. Currently, when detecting vmap stack overflow, RISCV first switches to the so-called shadow stack, and then uses this shadow stack to call getoverflowstack, in order ...

7CVSS6.4AI score0.00191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the isotprcv function, there is a potential issue where race conditions may occur during CAN frame reception. When receiving a CAN frame, the current code logic does not take into account processes that are not actually runnin...

4.7CVSS5.9AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: The spinlock call in rustshrinkfreepage has been removed. When porting Rust Binder to version 6.18, I overlooked including the commit fb56fdf8b9a2 “mm/listlru: split the lock to per-cgroup scope” in the consideration...

5.5CVSS5.4AI score0.00102EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: Do not enable IRQ from syncprintobj. Since the commit a6aa8fca4d79 “dma-buf/sw-sync: Reduce irqsave/irqrestore from known context” was made, it accidentally replaced spinunlockirqrestore with spinunlockirq for bo...

5.5CVSS6.1AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock The smpcallfunction always runs its callback in a hard IRQ context, even when running under PREEMPTRT, where spinlocks may be in a sleeping state. Therefore, we need to use a raw...

5.5CVSS5.8AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: ufs: core: mcq: Fix for the deadlock issue caused by &hwq-cqlock When the ufscdhandler function is executed, the CQ event interrupt may enter a waiting state for the same lock. This can occur in ufscdhandlemcqcqevents an...

5.8AI score0.0015EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 5:16 p.m.5 views

UBUNTU-CVE-2026-46298

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

5.3AI score0.00145EPSS
Exploits0References5
CVE
CVE
added 2026/06/08 3:46 p.m.29 views

CVE-2026-46298

CVE-2026-46298 : In the Linux kernel, a race during ioctl or release handling on pseries/papr-hvpipe could deadlock if an interrupt fires on the same CPU. The fix makes the affected lock usage use spin_lock_irqsave/restore to prevent the deadlock. The issue is resolved by the patch in the cited s...

5.5AI score0.00145EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47370

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A race condition exists in the pseries/papr-hvpipe component. A deadlock can occur if an interrupt fires on the same CPU whi...

9.1CVSS5.4AI score0.00457EPSS
Exploits1References61
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.9 views

CVE-2025-58707

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS5.5AI score0.00337EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 2:16 p.m.15 views

CVE-2025-58707

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 1:48 p.m.12 views

EUVD-2025-210039

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. This issue affects Spin: from n/a through 1.8...

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 1:48 p.m.18 views

CVE-2025-58707

The CVE-2025-58707 issue is a Local File Inclusion vulnerability in the WordPress Spin theme (Spin) versions up to 1.8. It arises from improper handling of filenames for include/require statements in a PHP program, enabling PHP LFI. Affected product: Axiomthemes Spin (WordPress Spin theme

8.1CVSS5.8AI score0.00337EPSS
Exploits0References1
Rows per page
Query Builder