Lucene search
K

3084 matches found

RedHat Linux
RedHat Linux
added 2026/06/12 7:56 p.m.9 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

7.8CVSS5.4AI score0.00124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/11 7:53 a.m.8 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

7.8CVSS5.4AI score0.00124EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:38 a.m.24 views

Malicious code in tailwind-typography-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29345b97ddc8c5fe985d1a69d53db15e4126052929267a584b463e94f43b0bc3 [email protected] impersonates the legitimate @tailwindcss/typography Tailwind CSS plugin confusable name, copied plugin export shape,...

6.2AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/10 5:44 p.m.10 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

7.8CVSS5.4AI score0.00124EPSS
Exploits0References5
NVD
NVD
added 2026/06/10 3:16 p.m.13 views

CVE-2026-53476

A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network LAN, can exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security checks and write arbitrary files to the system. Thi...

9.6CVSS0.00291EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 2:35 p.m.13 views

EUVD-2026-36057

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.5AI score0.00194EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 2:35 p.m.8 views

EEF-CVE-2026-48860 Distribution-over-TLS LAN allowlist silently bypassed due to sockname/peername confusion in inet_tls_dist

Summary Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inet\tls\dist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet\tls\dist:check\ip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls...

7.5CVSS5.5AI score0.00194EPSS
Exploits0References4
CVE
CVE
added 2026/06/10 1:55 p.m.28 views

CVE-2026-53476

The CVE-2026-53476 vulnerability affects the assisted-migration-agent and is triggered by an unauthenticated attacker on the same LAN who crafts a gzipped tarball to exploit a path traversal flaw, bypassing security checks and writing arbitrary files to the system. This leads to potential unautho...

9.6CVSS5.9AI score0.00291EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48449

A flaw was found in assisted-migration-agent. An unauthenticated attacker, located on the same local area network LAN, can exploit a path traversal vulnerability. By crafting a specially designed gzipped tarball, the attacker can bypass security checks and write arbitrary files to the system. Thi...

9.6CVSS5.9AI score0.00291EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2026/06/10 12:0 a.m.7 views

Erlang/OTP -- TLS distribution check_ip flag does not enforce same-LAN constraint

https://github.com/erlang/otp/security/advisories/GHSA-gp7x-mfv6-52cv reports: Erlang distribution over TLS run with the kernel checkip flag now properly enforces connecting nodes to be on the same LAN. Previously the constraint was not enforced...

7.5CVSS5.4AI score0.00194EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:9 p.m.10 views

EUVD-2026-35790

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

9.8CVSS5.5AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 6:9 p.m.9 views

CVE-2026-10045 CVE-2026-10045

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

5.5AI score0.00209EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 12:11 p.m.12 views

EUVD-2026-35408

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmapprepare" This reverts commit ea52cb24cd3f "mm/hugetlbfs: update hugetlbfs to use mmapprepare" with conflict resolution to account for changes in commit ea52cb24cd3f "mm/hugetlbfs:...

5.4AI score0.001EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 12:11 p.m.34 views

CVE-2026-46318 Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare"

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmapprepare" This reverts commit ea52cb24cd3f "mm/hugetlbfs: update hugetlbfs to use mmapprepare" with conflict resolution to account for changes in commit ea52cb24cd3f "mm/hugetlbfs:...

0.001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48163

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

5.5AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing in the rtwcbufalloc function within the staging rtl8723bs driver. Th...

5.5CVSS5.3AI score0.001EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.29 views

EulerOS Virtualization 2.12.0 : avahi (EulerOS-SA-2026-2095)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.33 views

EulerOS Virtualization 2.12.1 : avahi (EulerOS-SA-2026-2070)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and...

6.5CVSS5.6AI score0.00353EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-49317

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

2.4CVSS5.5AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.13 views

CVE-2026-37345

SourceCodester Vehicle Parking Area Management System v1.0 is vulnerable to SQL Injection in the file /parking/managepark.php...

9.8CVSS5.7AI score0.00346EPSS
Exploits0References1
Rows per page
Query Builder