2020 matches found

ATTACKERKB
added 2026/06/24 4:30 p.m. | 4 views

CVE-2026-53070

In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udp_tunnel_xmit_skb udp_tunnel_xmit_skb / udp_tunnel6_xmit_skb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...

CVSS 7.5 | AI score 5.7 | EPSS 0.00339
Exploits 0 | References 4 | Affected Software 1
EUVD
added 2026/06/24 4:30 p.m. | 4 views

EUVD-2026-38938

In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udp_tunnel_xmit_skb udp_tunnel_xmit_skb / udp_tunnel6_xmit_skb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...

AI score 5.7 | EPSS 0.00339
Exploits 0 | References 2
Positive Technologies
added 2026/06/24 12:0 a.m. | 6 views

PT-2026-51964

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the SCTP implementation where Bottom Half (BH) processing is not disabled before calling the udp_tunnel_xmit_skb and udp_tunnel6_xmit_skb functions. These functions are...

CVSS 7.5 | AI score 5.9 | EPSS 0.00339
Exploits 0 | References 6
AstraLinux
added 2026/06/19 11:10 a.m. | 1 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

A vulnerability related to deallocation was discovered in the preparetorelocate function in fs/btrfs/relocation.c within btrfs in the Linux Kernel. This potential flaw can be triggered by calling btrfsioctlbalance before calling btrfsioctldefrag...

CVSS 7.8 | AI score 6.6 | EPSS 0.00442
Exploits 0 | References 2
AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the race condition between balance operations and cancel/pause requests. Syzbot reported a panic that appears as follows: Assertion failed: fsinfo-exclusiveoperation == BTRFSEXCLOPBALANCEPAUSED, in fs/btrfs/ioctl.c:4...

AI score 6 | EPSS 0.00155
Exploits 0 | References 1
AstraLinux
added 2026/06/19 11:10 a.m. | 7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed an assertion issue when starting the balance operation. The use of “exclusive” state for balance operations is compatible with paused balance and device addition. However, this complicates certain situations. The...

AI score 6 | EPSS 0.00168
Exploits 0 | References 1
AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: The deadlock caused by SCXKICKWAIT was fixed by deferring the wait until the target CPU’s kickSYNC progresses. The busy-waiting mechanism in kickcpusirqworkfn uses smpCondLoadAcquire until the target CPU’s kickSYNC...

CVSS 5.5 | AI score 5.8 | EPSS 0.00083
Exploits 0 | References 1
AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed the BUGON condition in btrfscancelbalance. Pausing and canceling balance can race to interrupt balance, leading to a BUGON panic in btrfscancelbalance. The BUGON condition in btrfs CancelBalance does not take this ra...

CVSS 5.5 | AI score 5.4 | EPSS 0.00187
Exploits 0 | References 2
AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Remove the unreasonable unlock in ocfs2readblocks. Patch series “Misc fixes for ocfs2readblocks”, version 5. This series contains two fixes for ocfs2readblocks. The first patch addresses the issue reported by syzbot, which...

CVSS 5.5 | AI score 6.2 | EPSS 0.00189
Exploits 0 | References 2
AstraLinux
added 2026/06/19 11:10 a.m. | 2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a NULL pointer dereference when attempting to start a new transaction. BUG Syzbot reported a NULL pointer dereference, accompanied by a crash: FAULTINJECTION: Forced a failure. starttransaction+0x830/0x1670...

CVSS 5.5 | AI score 6.5 | EPSS 0.00288
Exploits 0 | References 2
OSSF Malicious Packages
added 2026/06/11 3:10 a.m. | 10 views

Malicious code in solana-dev-tools (npm)

Source: amazon-inspector 059c5a74392811a397d3868092b7bcc84fbfac9d2f3de1c69a6421cdf756b652 On npm install, the package's postinstall hook node install.js executes a multi-stage attack against the installer's machine. It reads...

AI score 5.5
Exploits 0 | References 1
RedHat Linux
added 2026/06/10 3:39 p.m. | 8 views

axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget

A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could le...

CVSS 9.1 | AI score 5.5 | EPSS 0.00586
Exploits 1 | References 5
RedhatCVE
added 2026/06/05 7:45 p.m. | 11 views

CVE-2026-31051

An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Client Balance component...

CVSS 3.8 | AI score 5.5 | EPSS 0.00421
Exploits 0 | References 1
RedhatCVE
added 2026/06/05 7:38 p.m. | 9 views

CVE-2026-34064

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

CVSS 8.2 | AI score 5.4 | EPSS 0.00275
Exploits 0 | References 1
RedhatCVE
added 2026/06/05 7:12 p.m. | 7 views

CVE-2026-26210

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balanceserve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads without validation. Attackers can...

CVSS 9.8 | AI score 6.1 | EPSS 0.00703
Exploits 1 | References 1
OSV
added 2026/06/04 6:47 p.m. | 6 views

GHSA-9392-PJ54-QQF8 WWBN AVideo: Authenticated wallet credit bypass in AuthorizeNet processPayment endpoint

Summary plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST parameter. The endpoint contains a TODO for real Authorize.Net charging, hardcodes $paymentSuccess = true, and then calls YPTWallet::addBalance without...

CVSS 7.1 | AI score 5.9 | EPSS 0.0012
Exploits 1 | References 4
NVD
added 2026/05/29 2:16 p.m. | 14 views

CVE-2026-47696

WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST parameter. The endpoint contains a TODO for real Authorize.Net charging, hardcodes $paymentSuccess =...

CVSS 7.1 | EPSS 0.0012
Exploits 1 | References 1
ATTACKERKB
added 2026/05/29 12:59 p.m. | 9 views

CVE-2026-47696

WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST parameter. The endpoint contains a TODO for real Authorize.Net charging, hardcodes $paymentSuccess =...

CVSS 7.1 | AI score 5.9 | EPSS 0.0012
Exploits 1 | References 2 | Affected Software 1
Microsoft CVE
added 2026/05/29 8:5 a.m. | 9 views

tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func()

...

CVSS 5.5 | AI score 5.4 | EPSS 0.00128
Exploits 0
Debian CVE
added 2026/05/28 9:36 a.m. | 9 views

CVE-2026-46196

In the Linux kernel, the following vulnerability has been resolved: tracepoint: balance regfunc() on func_add() failure in tracepoint_add_func() When a tracepoint goes through the 0 -> 1 transition, tracepoint_add_func() invokes the subsystem's ext->regfunc() before attempting to install the new probe via func_add()...

CVSS 5.5 | AI score 5.7 | EPSS 0.00128
Exploits 0