Lucene search
K

11530 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mtdchar: Fixed integer overflow in read/write IOCs. The req.start and req.len variables are u64 values that originate from the user at the beginning of the function. We mask the high 32 bits of req.len, ensuring that its value is...

5.9AI score0.00156EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Fixed a potential UAF in xeoaaddconfigioctl In xeoaaddconfigioctl, we accessed oaconfig-id after dropping metricslock. Since this lock protects the lifetime of oaconfig, an attacker could guess the id and call...

7.8CVSS6.1AI score0.00115EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: The function mostregisterinterface did not properly release resources if it failed early before registering the device. In such cases, it returned an error code immediately, causing the memory allocated for the interface to be...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: Fixed a memory leak in mt7615mcuwtblstaadd. In mt7615mcuwtblstaadd, an skb object named sskb is allocated. If the subsequent call to mt76connacmcuallocwtblreq fails, the function returns an error without freeing the...

6.1AI score0.00161EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove a drr class from the active list if it changes to strict. Whenever a user issues a ets qdisc change command, transforming a drr class into a strict one, the ets code does not check whether that class was in...

6.2AI score0.00173EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 12:5 p.m.6 views

RLSA-2026:28236 Moderate: libsolv security update

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums CVE-2026-9150 libsolv: Heap buffer overflow in libsolv...

7.8CVSS6.1AI score0.00399EPSS
Exploits1References4
Rockylinux
Rockylinux
added 2026/06/24 12:5 p.m.9 views

libsolv security update

An update is available for libsolv. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libsolv packages provide a library for resolving package dependencies...

7.8CVSS6.2AI score0.00399EPSS
Exploits1
CVE
CVE
added 2026/06/24 7:14 a.m.14 views

CVE-2026-52929

The CVE affects the Linux kernel SCTP stream handling. When ADD_OUT_STREAMS is denied, the rollback only shrinks queued chunks and lowers outcnt, leaving removed stream metadata behind. A subsequent re-add can reuse a stale ext and trigger a null-pointer dereference in the scheduler get path, pot...

7.5CVSS5.7AI score0.00394EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52929

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

7.5CVSS5.6AI score0.00394EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.48 views

CVE-2026-52929 sctp: stream: fully roll back denied add-stream state

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

7.5CVSS0.00394EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51933

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ocfs2 module where the OCFS2 IOC GROUP ADD ioctl can trigger a kernel BUG ON. This occurs because the ocfs2 group add function calls ocfs2 set new buffer uptodate ...

6.7CVSS6.2AI score0.00176EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52929

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves...

7.5CVSS6AI score0.00394EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51987

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference exists in the brcmfmac WiFi driver. The function brcmf chip add core can return an error pointer that is not properly checked within the brcmf chip recogniti...

6AI score0.00176EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51975

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Berkeley Packet Filter BPF verifier within the regsafe function. The issue occurs when comparing two scalar registers that both carry BPF ADD CONST values; the check...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.14 views

PT-2026-51919

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the greybus raw component. The problem occurs when a raw bundle is disconnected while its character device chardev remains open by an application. Becaus...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.6 views

RockyLinux 10 : libsolv (RLSA-2026:28236)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:28236 advisory. libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums CVE-2026-9150 libsolv: Heap buffer...

7.8CVSS6.1AI score0.00399EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/06/23 8:1 p.m.9 views

Moderate: Red Hat Security Advisory: libsolv security update

An update for libsolv is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS6.2AI score0.00399EPSS
Exploits1References4
OSV
OSV
added 2026/06/23 4:16 p.m.2 views

DEBIAN-CVE-2025-55639

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References1
Snyk
Snyk
added 2026/06/19 9:43 p.m.7 views

Directory Traversal

Overview everos is an EverOS — local-first markdown memory framework for AI agents and user chats; lightweight, dev-friendly, small-team Affected versions of this package are vulnerable to Directory Traversal via the senderid field in the POST /api/v1/memory/add endpoint. An attacker can create o...

8.8CVSS6.5AI score0.00356EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

The function rpmsgvirtioaddctrldev in the file drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel, prior to version 5.18.4, contains a double-free...

5.5CVSS6.6AI score0.00281EPSS
Exploits0References2
Rows per page
Query Builder