Lucene search
K

13378 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016815)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016815 advisory. The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this c...

5.3CVSS5.8AI score0.00526EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016814)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016814 advisory. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large...

4.3CVSS5.8AI score0.00419EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.9 views

EUVD-2026-28686

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...

6AI score0.00143EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2026-28611

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.8AI score0.00095EPSS
Exploits0References9
OSV
OSV
added 2026/05/08 3:16 p.m.10 views

UBUNTU-CVE-2026-43394

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsdnllistenersetdoit. nfsdnllistenersetdoit uses getcurrentcred without putcred. As we can see from other callers, svcxprtcreatefromsa does not require the extra refcount. nfsdnllistenersetdoit is alwa...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.13 views

CVE-2025-67486

Dolibarr is an enterprise resource planning ERP and customer relationship management CRM software package. Versions 22.0.2 and earlier contains an authenticated remote code execution vulnerability in the user extrafields functionality. User-controlled input from the "computed value" field is pass...

8.6CVSS6.7AI score0.00881EPSS
Exploits1References3
OSV
OSV
added 2026/05/08 3:16 p.m.10 views

UBUNTU-CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

5.5CVSS5.4AI score0.00095EPSS
Exploits0References11
OSV
OSV
added 2026/05/08 2:35 p.m.6 views

CLSA-2026-1778250885 dovecot: Fix of CVE-2026-27857

CVE-2026-27857: imap-login: limit IMAP parser open lists to prevent excessive memory usage...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.8 views

CVE-2026-43419

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...

5.8AI score0.00122EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/05/08 2:16 p.m.34 views

CVE-2026-43327

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.5CVSS0.00095EPSS
Exploits0References8
NVD
NVD
added 2026/05/08 2:16 p.m.15 views

CVE-2026-43301

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pmruntimeputsync with pmruntimedontuseautosuspend in the remove path to properly pair with pmruntimeuseautosuspend from probe. This allows pmruntimedisable t...

5.5CVSS0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 2:16 p.m.11 views

UBUNTU-CVE-2026-43327

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References11
OSV
OSV
added 2026/05/08 2:16 p.m.8 views

UBUNTU-CVE-2026-43305

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path Why The evaluation for whether we need to use the DMUB HW lock isn't the same as whether we need to unlock which results in a hang when the fast path is us...

5.5CVSS5.7AI score0.00083EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/08 2:16 p.m.9 views

CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/05/08 2:16 p.m.11 views

CVE-2026-43327

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References10
CVE
CVE
added 2026/05/08 1:31 p.m.30 views

CVE-2026-43327

CVE-2026-43327 affects the Linux kernel USB dummy-hcd code. The race involves usb_gadget_udc_reset() being invoked with a NULL second argument (driver) due to a race between USB reset and driver unbind, enabling a potential crash. The root cause was that stop_activity() could drop and re-acquire ...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:31 p.m.8 views

CVE-2026-43327

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.5CVSS5.7AI score0.00095EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/08 1:31 p.m.46 views

CVE-2026-43327 USB: dummy-hcd: Fix locking/synchronization error

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

0.00095EPSS
Exploits0References8
CVE
CVE
added 2026/05/08 1:11 p.m.28 views

CVE-2026-43305

CVE-2026-43305 details a Linux kernel DRM AMD display issue where the DMUB HW lock unlock path in the HWSS fast path could hang due to a mismatch between evaluating the need for the lock and unlocking. The fix introduces a flag to track whether the lock should be used and applies that flag to gov...

5.5CVSS5.8AI score0.00083EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/08 1:11 p.m.21 views

CVE-2026-43301

CVE-2026-43301 relates to the Linux kernel driver for the wave5 media component. The issue arises when the driver’s remove path unconditionally calls pm_runtime_put_sync(), which can underflow the PM usage count if autosuspend was already activated during probe. This mismatch prevents proper refe...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder