Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

90 matches found

AstraLinux
AstraLinuxadded 6 days ago7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: added input size checking in procwritesimdisk A malicious user could potentially enter an arbitrarily bad value into memdupusernul, which might cause the kernel to crash. This follows the same pattern as the patc...

5.6AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 6 days ago5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xtensa: Fixed the refcount leak issue in the time.c file. In calibccount, the offindcompatiblenode function will return a node pointer with the refcount incremented. We should use ofnodeput when this node pointer is no longer...

5.5CVSS5.9AI score0.00237EPSS
Exploits0References2
NVD
NVDadded 2026/06/16 6:16 a.m.10 views

CVE-2026-10635

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS0.00164EPSS
Exploits1References2
CVE
CVEadded 2026/06/16 5:19 a.m.14 views

CVE-2026-10635

CVE-2026-10635 affects Zephyr v4.4.0 on Xtensa targets with CONFIG_USERSPACE and CONFIG_XTENSA_MMU. The bug arises when destroying a memory domain via k_mem_domain_deinit(): the page-table code keeps a global xtensa_domain_list entry for the domain, but the node is not removed, leaving a dangling...

6.3CVSS5.5AI score0.00164EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/06/16 5:19 a.m.32 views

CVE-2026-10635 Dangling memory-domain pointer (use-after-free) in Xtensa MMU page-table code on memory-domain de-init

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS0.00164EPSS
Exploits1References2
EUVD
EUVDadded 2026/06/16 5:19 a.m.8 views

EUVD-2026-37036

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS5.5AI score0.00164EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.10 views

PT-2026-49610

On Xtensa targets with CONFIG USERSPACE and CONFIG XTENSA MMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensa domain list, of active memory domains using a list node embedded inside the caller-owned struct k mem domain. When a domain is destroyed via k mem domain...

6.3CVSS5.5AI score0.00164EPSS
Exploits1References3
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: xtensa: xtfpga: Fixed a refcount leak bug in setup. In machinesetup, offindcompatiblenode will return a node pointer with the refcount incremented. We should use ofnodeput when it is no longer needed...

5.5CVSS5.7AI score0.00237EPSS
Exploits0References2
OSV
OSVadded 2026/03/16 2:3 p.m.12 views

USN-8095-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.8AI score0.00544EPSS
Exploits6References425
Ubuntu
Ubuntuadded 2026/02/24 11:20 a.m.14 views

USN-8029-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS7.7AI score0.00544EPSS
Exploits3
Tenable Nessus
Tenable Nessusadded 2026/02/19 12:0 a.m.15 views

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-8048-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8048-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

7.8CVSS6AI score0.00544EPSS
Exploits3References367
Ubuntu
Ubuntuadded 2026/02/17 3:24 p.m.16 views

USN-8048-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS7.4AI score0.00544EPSS
Exploits3
OSV
OSVadded 2026/02/17 3:24 p.m.7 views

USN-8048-1 linux-oem-6.17 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS6.7AI score0.00544EPSS
Exploits3References367
Tenable Nessus
Tenable Nessusadded 2026/02/13 12:0 a.m.10 views

Ubuntu 25.10 : Linux kernel (GCP) vulnerabilities (USN-8030-1)

The remote Ubuntu 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8030-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the...

7.8CVSS8.6AI score0.00544EPSS
Exploits3References367
OSV
OSVadded 2026/02/12 9:39 a.m.7 views

USN-8030-1 linux-gcp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS6.5AI score0.00544EPSS
Exploits3References367
Ubuntu
Ubuntuadded 2026/02/12 9:15 a.m.7 views

USN-8029-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

7.8CVSS5.7AI score0.00544EPSS
Exploits3
RedhatCVE
RedhatCVEadded 2026/01/07 9:9 a.m.7 views

CVE-2024-2214

In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...

7.8CVSS6.8AI score0.00336EPSS
Exploits1References1
Microsoft CVE
Microsoft CVEadded 2025/11/25 1:1 a.m.6 views

Constant Time Issue with Xtensa-based ESP32 and X22519

...

7.5CVSS7AI score0.00268EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/11/22 11:12 p.m.4 views

CVE-2025-12888

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...

7.5CVSS6.7AI score0.00268EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/11/22 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-12888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture...

7.5CVSS5.8AI score0.00268EPSS
Exploits0References3
Rows per page
Query Builder