Lucene search
K

2027 matches found

OSV
OSV
added 2026/06/24 9:59 a.m.2 views

SUSE-SU-2026:22488-1 Security update for the Linux Kernel RT (Live Patch 20 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-42.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-3150...

9.8CVSS6AI score0.03663EPSS
Exploits25References18
OSV
OSV
added 2026/06/24 9:39 a.m.5 views

SUSE-SU-2026:22397-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/23 11:34 a.m.2 views

SUSE-SU-2026:2549-1 Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

9.8CVSS5.9AI score0.0049EPSS
Exploits7References9
OSV
OSV
added 2026/06/22 4:34 p.m.5 views

SUSE-SU-2026:2494-1 Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

9.8CVSS6.4AI score0.0049EPSS
Exploits7References9
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

AlmaLinux 8 : kernel (ALSA-2026:27353)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:27353 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

9.8CVSS6.8AI score0.00353EPSS
Exploits11References10
OSV
OSV
added 2026/06/19 12:0 a.m.20 views

ALSA-2026:27353 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kerne...

9.8CVSS5.8AI score0.00353EPSS
Exploits11References18
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

AlmaLinux 10 : kernel (ALSA-2026:18134)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:18134 advisory. kernel: tcpbpf: Fix the skmemuncharge logic in tcpbpfsendmsg CVE-2024-56633 kernel: KVM: x86: Load DR6 with guest value only before entering .vcpurun lo...

7.8CVSS8.1AI score0.00344EPSS
Exploits8References27
OSV
OSV
added 2026/06/04 12:0 a.m.18 views

ALSA-2026:23329 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: nbd: defer config unlock in nbdgenlconnect CVE-2025-68366 kernel: smb: client: fix OO...

8.8CVSS5.8AI score0.00378EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-40290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...

7.8CVSS5.9AI score0.00187EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.27 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS6.6AI score0.00675EPSS
Exploits0References19
OSV
OSV
added 2026/05/27 2:17 p.m.21 views

UBUNTU-CVE-2026-46004

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References7
CVE
CVE
added 2026/05/27 12:18 p.m.50 views

CVE-2026-45972

The CVE-2026-45972 issue affects the Linux kernel SMB client, specifically smb2_open_file(), where improper handling could lead to memory corruption (UAF) or a double free during SMB2_open() retries. The fixed description states that zeroing err_iov and err_buftype before retrying SMB2_open() pre...

9.8CVSS5.8AI score0.00333EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an issue related toracy under the cocurrent smb2 tree disconnect scenario. There is also a UAF issue under the cocurrent smb2 tree disconnect scenario. This patch introduces TREECONNEXPIRE flags for tcon to avoid...

7CVSS5.3AI score0.00164EPSS
Exploits0References2
OSV
OSV
added 2026/05/18 10:6 a.m.9 views

SUSE-SU-2026:21752-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass bsc1263706. - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short...

9.8CVSS5.8AI score0.01335EPSS
Exploits2References27
OSV
OSV
added 2026/05/18 10:6 a.m.6 views

SUSE-SU-2026:21815-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3832: cert-session: fix multi-entry OCSP revocation bypass bsc1263706. - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short...

9.8CVSS5.8AI score0.01335EPSS
Exploits2References27
Oracle linux
Oracle linux
added 2026/05/10 12:0 a.m.25 views

Unbreakable Enterprise kernel security update

6.12.0-202.76.4.1 - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present Hyunwoo Kim Orabug: 39344513 CVE-2026-43500 - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets David Howells Orabug: 39344513 - rxrpc: only handle RESPONSE during service challenge Wang Jie...

9.8CVSS6.4AI score0.96267EPSS
Exploits261
OSV
OSV
added 2026/05/05 4:38 p.m.7 views

CLSA-2026-1777999127 Fix CVE(s): CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-28390

SECURITY UPDATE: fix UAF/double-free in DANE client by using X509free for dane-mcert - debian/patches/CVE-2026-28387.patch: fix UAF/double-free in DANE client by using X509free for dane-mcert - CVE-2026-28387 SECURITY UPDATE: NULL check delta-crlnumber before ASN1INTEGERcmp in checkdeltabase -...

8.1CVSS5.8AI score0.01059EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/01 3:56 p.m.4 views

CVE-2026-22165 GPU DDK - UAF read of GLES3Context::psDrawParams and GLES3Context::psMode and UAF read/write of RMJob::apsCCBs

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

5.8AI score0.00346EPSS
Exploits0References1
Amazon
Amazon
added 2026/04/30 12:0 a.m.10 views

Important: python3.9

Issue Overview: The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output...

9.1CVSS4.7AI score0.00579EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.14 views

Important: python3.11

Issue Overview: The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output...

9.1CVSS4.7AI score0.00621EPSS
Exploits0
Rows per page
Query Builder