Lucene search
K

301 matches found

Snyk
Snyk
added 2026/04/23 12:0 a.m.13 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack due to insecure handling of Process ID PID files. When an application uses the ApplicationPidFileWriter, it writes its PID to a predictable file system path. A local attacker with write access to the PID file's directory...

6.7CVSS5.4AI score0.00112EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/22 7:55 p.m.5 views

CVE-2026-31511

A flaw was found in the Bluetooth Management MGMT component of the Linux kernel. An issue with how memory is managed during certain operations can lead to a 'dangling pointer' vulnerability. This means that the system might attempt to access memory that has already been released, potentially...

7.8CVSS5.3AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/22 5:17 p.m.7 views

CVE-2026-31439

A flaw was found in the Linux kernel's Xilinx DMA Direct Memory Access engine. The xdma driver's regmap initialization incorrectly handled errors, specifically when the devmregmapinitmmio function returned an error pointer instead of a null value. This improper error handling could potentially le...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/22 10:29 a.m.5 views

CVE-2026-31432

A flaw was found in the ksmbd component of the Linux kernel. This vulnerability allows an attacker to cause the system to write data beyond its intended memory boundaries when processing specific network requests. Specifically, when a complex request combines data reading with security informatio...

8.8CVSS6AI score0.00507EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/13 5:26 p.m.4 views

CVE-2026-31417

A flaw was found in the Linux kernel's X.25 network protocol implementation net/x25. An attacker could potentially trigger an integer overflow in the x25sock.fraglen variable when accumulating packets. This oversight, combined with the fraglen not being properly reset, may lead to system...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/08 12:16 p.m.6 views

kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init

A flaw was found in the Linux kernel's bridge multicast functionality. A local user could trigger a use-after-free vulnerability, a type of memory corruption, by improperly configuring network bridge router ports. This issue arises because the system fails to correctly remove ports from its...

7.8CVSS5.9AI score0.00248EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/04/07 11:32 p.m.3 views

CVE-2026-33815

A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

9.8CVSS5.8AI score0.00605EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.11 views

Cisco IOS Software IKEv2 DoS (cisco-sa-asa-ftd-ios-dos-kPEpQGGK)

According to its self-reported version, Cisco IOS Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service DoS...

8.6CVSS6AI score0.00354EPSS
Exploits0References5
NVD
NVD
added 2026/03/30 3:16 p.m.4 views

CVE-2026-5165

A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

7.8CVSS0.00109EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/30 3:2 p.m.3 views

CVE-2026-5165

A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

6.7CVSS5.8AI score0.00109EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.7 views

PT-2026-29036

Name of the Vulnerable Software and Affected Versions virtio-win affected versions not specified Description A memory management issue exists in the VirtIO Block BLK device within virtio-win. A reset of the device does not properly handle memory, leading to a use-after-free condition. This could...

7.8CVSS5.9AI score0.00109EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/03/25 6:57 p.m.4 views

CVE-2026-23363

A flaw was found in the Linux kernel's mt76 wireless driver, specifically within the mt7925 component. This vulnerability arises from a failure to properly check the frame length before accessing management fields in the mt7925macwritetxwi80211 function. An attacker could potentially exploit this...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 5:59 p.m.5 views

CVE-2026-23294

A flaw was found in the Linux kernel. A race condition in the devmap component, specifically within the xdpdevbulkqueue bq on PREEMPTRT kernels, allows multiple preemptible tasks on the same CPU to concurrently access the bq. This can lead to a use-after-free vulnerability, potentially resulting ...

5.8AI score0.0009EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 4:48 p.m.3 views

CVE-2026-23360

A flaw was found in the Linux kernel's Non-Volatile Memory Express NVMe subsystem. When an NVMe controller is reset, a previously allocated administration queue may not be properly released before a new one is created. This can lead to the old queue becoming orphaned, potentially causing resource...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 3:11 p.m.6 views

CVE-2026-23358

A flaw was found in the Linux kernel's drm/amdgpu driver. During slot reset error handling, the system could attempt to access an uninitialized list due to an uninitialized pointer. This could lead to system instability or a denial of service...

5.7AI score0.00121EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 1:48 p.m.5 views

CVE-2026-23373

A flaw was found in the Linux kernel's wifi: rsi module. The rsimac80211config function's failure to default to a zero value can trigger a WARNON in the ieee80211hwconfinit function. This unexpected driver behavior may lead to system instability or other unforeseen operational issues...

5.7AI score0.00114EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 1:39 p.m.3 views

CVE-2026-23355

A flaw was found in the Linux kernel's libata subsystem. This vulnerability occurs due to improper handling of deferred work. When ap-deferredqc is cleared, the associated queued work is not canceled, leading to the work being executed at an inappropriate time. This can result in a WARNON...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 12:20 p.m.4 views

CVE-2026-23376

A flaw was found in the Linux kernel's nvmet-fcloop component. This vulnerability occurs due to incorrect handling of resource freeing when the remote port state is not online. Specifically, the fcloopt2hxmtlsrsp routine fails to check the remoteport-portstate before calling a done callback, whic...

3.3CVSS5.8AI score0.00117EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/20 12:28 p.m.4 views

CVE-2026-23278

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftables component. This vulnerability occurs during transaction processing when the system incorrectly handles multiple pending catchall elements, particularly when the associated map is being removed. This can...

5.5CVSS5.7AI score0.00165EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/11 12:49 a.m.2 views

kernel: Linux kernel: Use-after-free vulnerability in page_pool_recycle_in_ring can lead to arbitrary code execution

A flaw was found in the Linux kernel. This vulnerability, known as a use-after-free UAF, occurs in the pagepoolrecycleinring function. A local attacker could exploit this by manipulating the system's memory management, causing a freed memory region to be improperly accessed. This can lead to syst...

7.8CVSS5.8AI score0.00161EPSS
Exploits0References5
Rows per page
Query Builder