Lucene search
K

125 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 10:3 a.m.6 views

ImageMagick: ImageMagick: Denial of Service via missing memory request check

A flaw was found in ImageMagick. A remote attacker could exploit a missing check for maximum memory requests in the AcquireAlignedMemory function, leading to an out-of-memory condition. This vulnerability could result in a Denial of Service DoS, making the affected system or application unavailab...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:40 a.m.25 views

CVE-2026-53277

CVE-2026-53277 – Linux kernel (arm64 KVM) : A flaw where certain page-table walk operations (walk_s1 and kvm_walk_nested_s2) did not acquire the Sleepable RCU lock (SRCU) via kvm->srcu, risking memslot changes and potential instability during fault injection and Address Translation emulation. ...

8.8CVSS5.7AI score0.00114EPSS
Exploits0References6Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fbcon: check the return value of con2fbacquirenewinfo. If fbconopen fails when called from con2fbacquirenewinfo, then info-fbconpar pointer remains NULL, and this pointer will be dereferenced later. A check for the return value o...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer side loops checking the value using...

5.5CVSS6.4AI score0.00228EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 1:47 p.m.19 views

CVE-2026-42489 domctl lock open to abuse

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...

0.00078EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/17 7:13 a.m.8 views

CVE-2026-53460

A flaw was found in ImageMagick. A remote attacker could exploit a missing check for maximum memory requests in the AcquireAlignedMemory function, leading to an out-of-memory condition. This vulnerability could result in a Denial of Service DoS, making the affected system or application...

7.5CVSS5.8AI score0.00346EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/11 11:13 a.m.10 views

SUSE CVE-2026-53460

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 a...

5.5CVSS5.2AI score0.00346EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 11:16 p.m.12 views

UBUNTU-CVE-2026-53460

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 a...

7.5CVSS5.2AI score0.00346EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/10 11:12 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to insufficient validation of memory allocation requests in the AcquireAlignedMemory function. An attacker can cause the application to consume excessive memory resources by...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 11:12 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 11:12 p.m.9 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46147

CVE-2026-46147 concerns the Linux kernel KVM on ARM64, where two bugs in vCPU initialisation can leak pin references to host vCPU/SVE pages and allow observation of a partially initialised vCPU object. The fixes extract a helper for vCPU registration, ensure proper unpinning on error, and enforce...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.21 views

PT-2026-44235

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A memory corruption issue exists in the RDMA hns component. The function hns roce qp remove is called without the required locks during the error unwind process within the hns roce create q...

7.8CVSS5.9AI score0.001EPSS
Exploits0
OSV
OSV
added 2026/05/22 9:5 a.m.31 views

CLSA-2026-1779375889 kernel: Fix of 95 CVEs

perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...

7.8CVSS5.9AI score0.00283EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: virtio – Fixed a race condition related to dataavail and actual data. The virtio rng device initiates a new entropy request whenever the data available becomes zero. When a new request occurs at the end of a read...

6AI score0.00177EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.7 views

SUSE CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References3
NVD
NVD
added 2026/05/08 3:16 p.m.10 views

CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

7.8CVSS0.00126EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.37 views

CVE-2026-43370 drm/amdgpu: Fix use-after-free race in VM acquire

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

7.8CVSS0.00126EPSS
Exploits0References8
CVE
CVE
added 2026/05/08 2:21 p.m.18 views

CVE-2026-43370

The CVE-2026-43370 issue affects the Linux kernel DRM/AMDGPU subsystem, specifically a use-after-free race in VM acquisition. Root cause: a non-atomic vm->process_info assignment could race when parent and child processes sharing a drm_file both attempt to acquire the same VM after fork(). The...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

5.7AI score0.00126EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder