Lucene search
K

49 matches found

Cvelist
Cvelist
added yesterday19 views

CVE-2026-55873 SeaweedFS: Improper authorization in the S3Tables / Iceberg REST management API lets a low-privileged S3 user enumerate administrator-owned table buckets

SeaweedFS is a distributed storage system. In versions 4.08 through 4.33, requests signed with SigV4 service s3tables are routed to the S3Tables management API where authorization collapses account-less S3 identities into the shared admin account and fails open, allowing an authenticated...

4.3CVSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A use-after-free vulnerability was discovered in the Linux kernel’s netfilter subsystem, specifically in the net/netfilter/nftablesapi.c file. Improper error handling related to NFTMSGNEWRULE allows a dangling pointer to be used within the same transaction, leading to a use-after-free...

7.8CVSS6.6AI score0.00864EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/04/01 12:0 a.m.1 views

The vulnerability in the net/netfilter/nf_tables_api.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the net/netfilter/nftablesapi.c module of the Linux operating system is related to insufficient input data validation. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS7AI score0.00165EPSS
Exploits0References8Affected Software3
Redos
Redos
added 2026/01/19 12:0 a.m.5 views

ROS-20260119-7396

A vulnerability in the nftablesapi.c component of the Linux operating system kernel is related to incorrect computation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.8AI score0.00176EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001746 advisory. net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an...

7.8CVSS6.6AI score0.02881EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001703)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001703 advisory. An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to...

7.8CVSS6.9AI score0.05451EPSS
Exploits16References3
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.7 views

Siemens SIMATIC and SCALANCE Devices Use After Free (CVE-2023-3390)

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...

7.8CVSS6.6AI score0.00864EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414399)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414399 advisory. An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to...

7.8CVSS6.9AI score0.05451EPSS
Exploits16References3
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-1015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel in linux/net/netfilter/nftablesapi.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds...

6.6CVSS6.2AI score0.01467EPSS
Exploits10References2
BDU FSTEC
BDU FSTEC
added 2024/03/06 12:0 a.m.5 views

The vulnerability of the nft_trans_gc_{queue_async_done,space}() function in the net/netfilter/nf_tables_api.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nfttransgcqueueasyncdone,space function in the net/netfilter/nftablesapi.c module of the Linux operating system is related to memory release errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of th...

8.4CVSS6.4AI score0.00255EPSS
Exploits0References18Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/01/09 12:0 a.m.5 views

The vulnerability of the nft_set_commit_update() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information, thereby enhancing their privileges.

The vulnerability of the nftsetcommitupdate function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow a privileged attacker to compromise t...

6.7CVSS6.7AI score0.00843EPSS
Exploits0References28Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/12/26 12:0 a.m.8 views

The vulnerability in the net/netfilter/nf_tables_api.c component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the net/netfilter/nftablesapi.c component in the Linux operating system is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00308EPSS
Exploits0References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.14 views

The vulnerability of the nft_set_catchallFlush() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter component allows a attacker to access protected information or cause a service failure.

The vulnerability of the nftsetcatchallFlush function in the net/netfilter/nftablesapi.c module of the Linux kernel’s netfilter component is related to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to access protected information or cause...

7.1CVSS6.4AI score0.00282EPSS
Exploits0References16Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/09/04 12:0 a.m.5 views

The vulnerability of the nft_verdict_dump() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter component allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nftverdictdump function in the net/netfilter/nftablesapi.c module of the Linux kernel’s netfilter component is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromis...

7CVSS6.4AI score
Exploits0References11Affected Software1
OSV
OSV
added 2023/08/28 10:15 p.m.8 views

AZL-28545 CVE-2023-4569 affecting package kernel for versions less than 5.15.131.1-2

A memory leak flaw was found in nftsetcatchallflush in net/netfilter/nftablesapi.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak...

5.5CVSS6.7AI score0.00282EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/08/28 10:15 p.m.3 views

CVE-2023-4569

A memory leak flaw was found in nftsetcatchallflush in net/netfilter/nftablesapi.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak...

5.5CVSS6.6AI score0.00282EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/08/28 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory leak vulnerability that originates from nftsetcatchallflush in net/netfilter/nftablesapi.c not freeing or failing to free dynamically allocat...

5.5CVSS8AI score0.00282EPSS
Exploits0References11
BDU FSTEC
BDU FSTEC
added 2023/08/14 12:0 a.m.6 views

The vulnerability of the netfilter kernel module in Linux operating systems, located in the function nf_tables_newrule(), allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the netfilter kernel module in Linux operating systems relates to improper handling when rules are added to the function nftablesnewrule in the net/netfilter/nftablesapi.c module. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity...

7.8CVSS6.5AI score0.0056EPSS
Exploits1References14Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/07/21 12:0 a.m.5 views

The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter packet filtering subsystem allows a attacker to escalate their privileges and compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the nftchainlookupbyid function in the net/netfilter/nftablesapi.c module of the Linux kernel’s packet filtering subsystem is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker t...

7.8CVSS6.5AI score0.02033EPSS
Exploits0References15Affected Software5
OSV
OSV
added 2023/06/28 9:15 p.m.1 views

DEBIAN-CVE-2023-3390

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...

7.8CVSS6.4AI score0.00864EPSS
Exploits0References1
Rows per page
Query Builder