Lucene search
K

236 matches found

RedhatCVE
RedhatCVE
added 2026/06/29 8:15 a.m.6 views

CVE-2026-53294

A flaw was found in the Linux kernel's mailbox subsystem. This vulnerability occurs when the receive RX channel is aliased to the transmit TX channel with a different Memory-Mapped I/O MMIO and is not properly handled during the freeing of channels. This can lead to a double-free condition, which...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 8:17 p.m.9 views

CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

7.8CVSS0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/06/26 7:40 p.m.16 views

CVE-2026-53294

Technical details for CVE-2026-53294 are not publicly available in the provided documents. Monitor for updates from Debian/Ubuntu OSV entries and kernel advisories for affected components, versions, and fixes.

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 8:49 a.m.5 views

CVE-2026-53188

A flaw was found in the Linux kernel's RDMA/core component. This vulnerability arises from insufficient validation of file operations fops passed to the ibgetucaps function. A local attacker could exploit this by creating a block device with a device number devt that aliases a character device...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.32 views

PT-2026-52933

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mailbox-test component where a double-free occurs during the process of freeing channels. This happens because the RX channel can be aliased to the TX channel if i...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2026/06/25 11:28 a.m.9 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/06/25 10:34 a.m.6 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/06/25 10:24 a.m.5 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/06/24 12:59 p.m.4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/06/24 12:50 p.m.5 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/06/23 8:6 p.m.10 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

EulerOS Virtualization 2.13.0 : libpng (EulerOS-SA-2026-2404)

According to the versions of the libpng packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

7.6CVSS5.8AI score0.01052EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.15 views

EulerOS Virtualization 2.13.1 : libpng (EulerOS-SA-2026-2375)

According to the versions of the libpng packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

7.6CVSS5.8AI score0.01052EPSS
Exploits2References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 6:3 p.m.19 views

Malicious code in fhirproxy-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 405cf847121f4bfed32bc5679a40b64c1338b142af75823ef9583944a7ae7b5a On npm install via the prepare lifecycle hook and many other lifecycle aliases and on require, index.js performs broad reconnaissance and exfiltratio...

6.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.9 views

EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-2250)

According to the versions of the libpng packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In...

7.6CVSS6.4AI score0.01052EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : libpng (EulerOS-SA-2026-2212)

According to the versions of the libpng packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. In...

7.6CVSS6.4AI score0.01052EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/29 7:41 p.m.45 views

CVE-2026-44422 FreeRDP RDPEAR NDR ref-id aliasing causes client-side UAF/double-free and type confusion

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...

7.5CVSS0.00384EPSS
Exploits1References1
CVE
CVE
added 2026/05/29 7:41 p.m.46 views

CVE-2026-44422

CVE-2026-44422 affects FreeRDP prior to 3.26.0. The RDPEAR NDR parser incorrectly reused a non-null NDR pointer ref-id across multiple logical pointer fields, causing the same heap object to be assigned to two outputs. The destructor then frees both pointers, enabling a heap use-after-free / doub...

8.8CVSS5.8AI score0.00384EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/05/29 7:41 p.m.2 views

CVE-2026-44422 FreeRDP RDPEAR NDR ref-id aliasing causes client-side UAF/double-free and type confusion

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...

7.5CVSS6AI score0.00384EPSS
Exploits1References7
OSV
OSV
added 2026/05/21 8:24 p.m.9 views

GHSA-VJ64-RJF3-W3V7 Plonky3 MultiField32Challenger: transcript malleability and challenge entropy loss

Impact - Key: challenger/src/multifieldchallenger.rs | MultiField32Challenger::duplexing | transcriptmalleability - Affected files: challenger/src/multifieldchallenger.rs, field/src/helpers.rs - Violated invariant: The Fiat-Shamir sponge must bind challenges to the exact sequence of observed fiel...

8.9CVSS5.8AI score0.00108EPSS
Exploits0References3
Rows per page
Query Builder