CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added last week•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fixed a double-free operation in the aux add failure case. After a successful auxiliarydeviceinit call, auxdev-dev.release i.e., xenvmreleasedev is responsible for freeing the memory allocated to nvm. If there is a...

7.8CVSS5.5AI score0.00113EPSS

AstraLinux•added last week•2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fixed AUX buffer serialization. Ole reported that the event-mmapmutex is strictly insufficient to serialize the AUX buffer. To serialize it properly, a per-RB mutex should be added...

7.8CVSS6.3AI score0.00292EPSS

AstraLinux•added last week•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible memory leak in bnxtrdmaauxdeviceinit. If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned, and the cleanup mechanism will not be able to free it. This issue was fixed ...

5.5CVSS5.7AI score0.00225EPSS

AstraLinux•added last week•2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Change the logging to dev for mtkdpauxtransfer. Change the logging from drmerr,info to deverr,info in the functions mtkdpauxtransfer and mtkdpauxdotransfer. This will be essential to avoid kernel panics due to...

5.5CVSS5.2AI score0.00134EPSS

AstraLinux•added last week•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double-free in resetaddgpioauxdevice error path. When auxiliarydeviceadd fails, resetadd gpioauxdevice calls auxiliarydeviceuninitadev. The device release callback resetgpioauxdevicerelease frees adev, but the...

7.8CVSS5.6AI score0.0012EPSS

AstraLinux•added last week•4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: perf/core: Abrupt exit if the requested AUX area is out of bounds. When using perf-record with a large AUX area, for example 4GB, the following error occurs: bash perf record -C 0 -m ,4G -e armspe0// -- sleep 1 Failed to mmap wit...

7.8CVSS5.9AI score0.00255EPSS

GithubExploit•added 2026/06/13 6:59 a.m.•75 views

metasploit-cheatsheet

Metasploit Cheatsheet A practical reference for using Metaspl...

5.7AI score

Exploits0

Packet Storm News•added 2026/06/09 12:0 a.m.•7 views

FreeBSD Security Advisory - FreeBSD-SA-26:30.linux

FreeBSD Security Advisory - The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and...

5.5AI score

Exploits1

Tenable Nessus•added 2026/06/03 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46162

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls...

7.8CVSS7.1AI score0.00138EPSS

Exploits0References3

SUSE CVE•added 2026/05/29 1:16 a.m.•11 views

SUSE CVE-2026-46162

In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninit&sfdev-adev. The device release callback icesfdevrelease frees sfdev, but th...

5.5CVSS5.8AI score0.00138EPSS

Exploits0References3

CNNVD•added 2026/05/29 12:0 a.m.•9 views

arcane 操作系统命令注入漏洞

Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane 1.18.1 and earlier contain a vulnerability related to operating system command injection. This vulnerability stems from the path cleaner in the GET /environments/id/volumes/volumeName/browse endpoint not...

6.3CVSS6.1AI score0.0021EPSS

RedhatCVE•added 2026/05/28 5:33 p.m.•14 views

CVE-2026-46162

A flaw was found in the Linux kernel's ice driver. An error in the icesfethactivate function's error handling path can lead to a double free of memory. This occurs when auxiliarydeviceadd fails, causing kfreesfdev to be called twice. This vulnerability could lead to memory corruption or a denial ...

7.8CVSS5.8AI score0.00138EPSS

NVD•added 2026/05/28 2:16 p.m.•19 views

CVE-2026-49237

An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries multipass, qemu-img, qemu-system-aarch64,...

7.8CVSS0.00141EPSS

Exploits1References1

NVD•added 2026/05/28 10:16 a.m.•9 views

CVE-2026-46162

7.8CVSS0.00138EPSS

OSV•added 2026/05/28 10:16 a.m.•6 views

UBUNTU-CVE-2026-46162

7.8CVSS5.7AI score0.00138EPSS

Exploits0References7

EUVD•added 2026/05/28 9:36 a.m.•8 views

EUVD-2026-32789

5.8AI score0.00138EPSS

ATTACKERKB•added 2026/05/28 9:36 a.m.•7 views

CVE-2026-46162

In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninitdev-adev. The device release callback icesfdevrelease frees sfdev, but the...

5.7AI score0.00138EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/05/28 9:36 a.m.•30 views

CVE-2026-46162 ice: fix double free in ice_sf_eth_activate() error path

0.00138EPSS