Lucene search
K

470 matches found

OSV
OSV
added 2026/07/01 1:32 p.m.5 views

CVE-2026-53335 mm/damon/lru_sort: handle ctx allocation failure

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...

6.2AI score0.00166EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/01 12:20 a.m.7 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.5AI score0.00459EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 9:4 a.m.11 views

Important: Red Hat Security Advisory: postgresql:15 security update

An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 6:16 a.m.5 views

kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...

7.8CVSS5.8AI score0.00143EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:12 a.m.10 views

batman-adv: dat: handle forward allocation error

...

9.8CVSS5.8AI score0.00394EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, there was a vulnerability where a memory allocation failure in the sixel encoder could lead to writing beyond the end of a buffer on the stack. This vulnerability...

6.7CVSS6AI score0.00096EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.7 views

CVE-2026-52922

In the Linux kernel, the following vulnerability has been resolved: batman-adv: dat: handle forward allocation error batadvdatforwarddata calls pskbcopyforclone to duplicate an skb for each DHT candidate, but does not check the return value before passing it to batadvsendskbprepareunicast4addr...

7.5CVSS5.7AI score0.00394EPSS
Exploits0
Redos
Redos
added 2026/06/15 12:0 a.m.9 views

ROS-20260615-73-0041

The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...

7.5CVSS5.7AI score0.00265EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.26 views

EulerOS 2.0 SP13 : libarchive (EulerOS-SA-2026-2294)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing...

7.5CVSS7.2AI score0.00693EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Poppler 数字错误漏洞

Poppler is an open-source PDF rendering library developed by Poppler. Poppler has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the tilingPatternFill function within the Splash backend. As a result of this overflow, insufficient heap memo...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References13
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46189

In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...

7.8CVSS0.00143EPSS
Exploits0References19
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

8.1CVSS0.00403EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.19 views

UBUNTU-CVE-2026-45896

In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtdinteldg.c:750:15 index 0 is o...

7.8CVSS5.7AI score0.00162EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 12:56 p.m.4 views

CVE-2026-46010 rxrpc: Fix error handling in rxgk_extract_token()

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/27 12:18 p.m.9 views

CVE-2026-45964

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

5.5CVSS5.7AI score0.0016EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-45964

SUNRPC: fix gssauth kref leak in gssallocmsg error path...

5.8AI score0.0016EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Media: MediTech; vcodec: Fix resource leaks in vdecmsgqueueinit. If any error occurs in vdecmsgqueueinit, we need to set “msgqueue-wdmaaddr.size = 0;”. Normally, this is done within the vdecmsgqueuedeinit function. However, if...

6.1AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed DMA mapping leaks During the reallocation of RX buffers, new DMA mappings are created for those buffers. Reproduction steps: While doing the following: Do For i=0; i=8160; i=i+32 Do ethtool -G enp130s0f0 rx $i tx $...

6AI score0.00214EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double-free on error. The error handling path in itsvpeirqdomainalloc causes a double-free when itsvpeinit fails after successfully allocating at least one interrupt. This occurs because...

7.8CVSS5.8AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages, but it does not handle the case where NULL is returned. A WARNON!newpage message is generated, but the program still proceeds...

5.5CVSS5.8AI score0.00201EPSS
Exploits0References2
Rows per page
Query Builder