Lucene search
K

2894 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/proc: dotaskstat: The sig-statslock lock is used to gather statistics about threads/children. The locktasksighand function can cause a hard lockup. If NRCPUS threads call dotaskstat at the same time, and the process has...

5.5CVSS5.9AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Net: Bridge – Use DEVSTATSINC The syzbot/KCSAN reported a data race in the brhandleframefinish function 1. This function can be executed on multiple CPUs without mutual exclusion. It is recommended to use the SMP-safe DEVSTATSINC...

7CVSS5.6AI score0.0019EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hinic: Avoid kernel hangs in hinicgetstats64 When using the hinic device as a bonding slave device and reading statistics from the master bonding device, the kernel may hang. The kernel panic call trace is as follows: Kernel...

5.5CVSS5.8AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: workqueue: fixed a data race with the pwq-stats increment KCSAN has identified a data race in kernel/workqueue.c:2598: 1863.554079 ================================================================== 1863.554118 BUG: KCSAN: data-ra...

4.7CVSS5.8AI score0.00086EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Added an increment to the count field in struct tripstats, which represents the number of times the zone’s temperature exceeded the trip point. This increment must be performed in thermaldebugtztripup, for two...

5.5CVSS5.9AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: Fix for statistics allocation. The controller per-cpu statistics is not allocated until after the controller has been registered with the driver core. This creates a window during which accessing the sysfs attributes may lea...

5.5CVSS4.6AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: The issue related to GPF in bitmapgetstats has been fixed. The commit message for commit 6ec1f0239485 “md/md-bitmap: fix stats collection for external bitmaps” states: “Remove the external bitmap check, as statistic...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: Use DEVSTATSINC to avoid data races. syzbot/KCSAN reported that multiple CPUs are updating dev-stats.txerror concurrently. This occurs because sit tunnels use NETIFFLLTX, which means their ndostartxmit function is not...

5.6AI score0.00209EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: BUG: NULL pointer dereference in the kernel, address: 0000000000000038 RIP efxnicupdatestats Abridged calltrace: efxef10updatestatspf, efxnetstats, devgetstats, devseqprintfstats The issue occurs when trying to retrieve the lates...

5.3AI score0.00215EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: Broadcom – bcm4908enet: Updates TX statistics after actual transmission. Queuing packets does not guarantee their transmission. Updates TX statistics after the hardware confirms that it is consuming the submitted data. This...

5.2AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mlxsw: Thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: bash cat /sys/class/thermal/thermalzone2/cdev0/type mlxswfan cat...

7.3CVSS6.1AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: Prevent the creation of classes with TCHROOT. The function qdisctreereducebacklog uses TCHROOT as a termination condition when traversing the qdisc tree to update parent backlogs. However, if a class is created with...

5.5CVSS6.2AI score0.00187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - tcp: tcpmakesynack can now be called from process context. - tcprtxsynack can now be called in process context, as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". - tcprtxsynack may call...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the dmstats function, check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does so. Otherwise, a NULL...

5.5CVSS5.6AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: mwifiex: The chanstats array is initialized to zero. The adapter-chanstats array is initialized in mwifiexinitchannelscangap using vmalloc, which does not zero out the memory. The array is filled in during...

7.1CVSS5.7AI score0.00152EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 11:37 p.m.36 views

CVE-2026-12044 pgAdmin 4: SQL injection in COMMENT ON ... IS '<description>' rendering across dialog templates

SQL injection in pgAdmin 4 across every dialog template that renders COMMENT ON ... IS '' for a user-supplied description field. The Jinja templates for Domains and their constraints, Foreign Tables, Languages, and Event Triggers, plus the Views OID-lookup query, interpolated the description...

8.8CVSS0.00489EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 7:13 p.m.10 views

EUVD-2026-37786

Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation. Remote attackers can trigger...

8.8CVSS5.3AI score0.00335EPSS
Exploits0References3
CVE
CVE
added 2026/06/17 7:13 p.m.15 views

CVE-2026-55202

Tinyproxy (up to version 1.11.3) contains a vulnerability in stathost detection where the Host header is not properly validated. This allows unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation, potentially misrouting req...

8.8CVSS5.4AI score0.00335EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/17 7:13 p.m.8 views

CVE-2026-55202

Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation. Remote attackers can trigger...

8.8CVSS5.4AI score0.00335EPSS
Exploits0
NVD
NVD
added 2026/06/16 3:16 p.m.10 views

CVE-2026-10639

In Zephyr's native IPv4 stack, icmpv4handleechorequest in subsys/net/ip/icmpv4.c builds an echo-reply packet reply, hands it to nettrysenddata, and then, on success, calls netstatsupdateicmpsentnetpktifacereply. nettrysenddata transfers ownership of reply to the TX path netiftryqueuetx - netiftx ...

4.8CVSS0.00232EPSS
Exploits1References2
Rows per page
Query Builder