Lucene search
K

822 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel – Added error handling for dmamapsg calls. The macro dmamapsg function may return 0 in case of an error. This patch enables checks in case of a macro failure and ensures that previously mapped buffers are unmappe...

5.5CVSS6.2AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound access in addsecretdacpath The sndhdagetconnections function may return a negative error code. This could lead to accessing the ‘conn’ array at a negative index. This issue was...

7.8CVSS6.3AI score0.00261EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: A problem with uninitialized size values was fixed in radeonvcecsparse. In the unlikely event that the command stream passed from user space via the ioctl call to radeonvcecsParse is maliciously crafted, and the first...

5.5CVSS6.2AI score0.00188EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an integer overflow issue while processing the acdirmax mount option. The user-provided mount parameter acdirmax, of type u32, is intended to have an upper limit. However, before this limit is validated, the value is...

5.5CVSS6.3AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: The risk of out-of-memory access has been prevented. The dvbdev device contains a static variable used to store dvb minors. Its behavior depends on whether CONFIGDVBDYNAMICMINORS is set or not. When it is not set,...

5.5CVSS6.2AI score0.00272EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.76 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mfd: ene-kb3930: Fixed a potential NULL pointer derefrence issue. The “offgpios” parameter could potentially be NULL. A missing check was added in the “kb3930probe” function. This is similar to the issue fixed in commit...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Fixed the possibility of dereferencing an uninitialized pointer. There is a pointer called headpage in the function rbmetavalidateevents, which is not initialized at the beginning of the function. This pointer can be...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/20 12:0 a.m.7 views

angr 9.2.216

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/20 12:0 a.m.10 views

FuzzingBrain V2: A Multi-Agent LLM System for Automated Vulnerability Discovery and Reproduction

Software vulnerabilities pose critical security threats, with nearly 50,000 CVEs reported in 2025. While Large Language Models LLMs show promise for automated vulnerability detection, three key challenges remain. First, LLM-generated vulnerability reports suffer from high false positive rates and...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/15 12:0 a.m.12 views

Compile-Time Security Analysis and Optimization of Sensitive String Producers

Content composition vulnerabilities remain among the most prevalent and persistent classes of security weakness in deployed software. Prior mitigations, including developer training, static analysis tools, and domain-specific template languages, each face diminishing returns; AI code generation...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.26 views

Veritas: A Semantically Grounded Agentic Framework for Memory Corruption Vulnerability Detection in Binaries

Detecting memory corruption vulnerabilities in stripped binaries requires recovering object semantics, interprocedural propagation, and feasible triggers from low-level, lossy representations. Recent LLM-based approaches improve code understanding, but reliable detection still requires grounding ...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.10 views

angr 9.2.215

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/13 12:0 a.m.14 views

Security Incentivization: An Empirical Study of How Micropayments Impact Code Security

Security often receives insufficient developer attention because it does not directly generate visible value, leading to underinvestment in practice. We evaluate a countermeasure by team-level incentives tied to measurable security improvements over time. Our semi-automated mechanism aggregates...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/05/11 4:17 a.m.114 views

strix-advanced

⚡ Strix-Advanced AI-Powered Security Testing Platform An...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.15 views

PT-2026-39402

Name of the Vulnerable Software and Affected Versions Yii Framework versions prior to 2.0.55 Description Internal variables in the View::renderPhpFile and ErrorHandler::renderFile functions are not isolated, which can lead to parameter collisions that allow the overriding of included file paths...

7.4CVSS5.8AI score0.00442EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/08 3:31 p.m.12 views

EUVD-2026-28738

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...

5.8AI score0.00123EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.5 views

CVE-2026-43432

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhcidisableslot xhcialloccommand allocates a command structure and, when the second argument is true, also allocates a completion structure. Currently, the error handling path in xhcidisableslot only...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/08 2:22 p.m.24 views

CVE-2026-43432

CVE-2026-43432 relates to the Linux kernel USB xHCI driver. The error path in usb/xhci_disable_slot() previously freed only the command structure (via kfree), leaking the associated completion structure. The patch changes the code to call xhci_free_command() , which frees both the command structu...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.12 views

On the Security of Research Artifacts

Research artifacts are widely shared to support reproducibility, and artifact evaluation AE has become common at many leading conferences. However, AE mainly checks whether artifacts work as claimed and can be reproduced. It largely overlooks potential security risks. Since these artifacts are...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.9 views

Longitudinal Analyses of SAST Tools: A CodeQL Case Study

Open-source software OSS pipelines rely on automated static analysis tools to prevent the introduction of vulnerabilities in code. However, there is limited understanding of the efficacy of these tools across the OSS ecosystem over time. In this paper, we introduce a novel method to evaluate stat...

5.9AI score
Exploits0
Rows per page
Query Builder