Lucene search
K

877 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:56 a.m.4 views

CVE-2026-53137

A flaw was found in the Linux kernel's drm/amd/display component. A malicious HDMI repeater could exploit this vulnerability during HDCP 2.x repeater authentication by sending a message size larger than the allocated buffer. This could lead to an out-of-bounds write, potentially causing a denial ...

5.8AI score0.00212EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39342

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...

6AI score0.00212EPSS
Exploits0References9
CVE
CVE
added 2026/06/25 8:38 a.m.10 views

CVE-2026-53137

CVE-2026-53137 concerns the Linux kernel driver for AMD display over HDMI. The issue arises in the DRM HDCP2 path where the driver reads the sink’s 10-bit message size field and uses it as the read length for the ReceiverID list without clamping to the destination buffer size. This can allow an H...

6AI score0.00212EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:4 p.m.7 views

CVE-2026-56311

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.getcurrentplanmaxorg RPC function that allows unauthenticated attackers to retrieve arbitrary organization plan limits. Attackers can call the RPC endpoint with any organization UUID using only the public Supabase...

6.9CVSS6AI score0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.18 views

CVE-2026-56311 Capgo - Unauthenticated Cross-Tenant Disclosure via get_current_plan_max_org RPC

Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.getcurrentplanmaxorg RPC function that allows unauthenticated attackers to retrieve arbitrary organization plan limits. Attackers can call the RPC endpoint with any organization UUID using only the public Supabase...

6.9CVSS0.00265EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915/hdcp: Added a encoder check in hdcp2getcapability. Also added a encoder check in intelhdcp2getcapability to avoid null pointer errors...

5.5CVSS6.2AI score0.00204EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw88: use a work to update the rate to avoid RCU warnings. The ieee80211ops::starcupdate function must be atomic, because ieee80211chanbwchange holds a rcuread lock while calling drvstarcupdate. Therefore, a work must b...

5.5AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI/bwctrl: Fixed NULL pointer dereferencing when bus numbers are exhausted. When the BIOS fails to assign bus numbers to PCI bridges, the kernel attempts to correct this during PCI device enumeration. If there are no availabl...

5.5CVSS6AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: interconnect: Fixed locking issues for runpm vs. reclaim For cases where iccbwset can be called in callbaths that may lead to deadlocks with shrinker/reclaim, such as during runpm resume, we need to separate the icc locking...

5.8AI score0.00163EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: armmpam: Fixed null pointer dereference when restoring bandwidth counters When a MSC that supports memory bandwidth monitoring is brought offline and then brought back online, the mpamrestorembwustate function calls rismsmonread...

5.5CVSS5.6AI score0.00107EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xhci: Device endpoints are removed from the bandwidth list when the device is freed. Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If the xHCI host is dying or bein...

7.8CVSS5.9AI score0.00158EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix null pointer dereference Asus Chromebook CX550 crashes during boot with the v5.17-rc1 kernel. The root cause is a null pointer dereference in tglgetbwinfo in drivers/gpu/drm/i915/display/intelbw.c. BUG: Kernel NULL...

5.5CVSS6AI score0.00137EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.10 views

CVE-2026-49842

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5CVSS5.4AI score0.00449EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/09 4:2 p.m.7 views

CVE-2026-49842

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5CVSS5.4AI score0.00449EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 4:2 p.m.7 views

CVE-2026-49842 FreeSWITCH: Pre-authentication bandwidth amplification via `mod_verto` speed-test frames

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5CVSS5.4AI score0.00449EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 4:2 p.m.31 views

CVE-2026-49842 FreeSWITCH: Pre-authentication bandwidth amplification via `mod_verto` speed-test frames

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's WebSocket frame loop intercepts a -prefixed speed-test protocol SPU / SPB / SP...

7.5CVSS0.00449EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 4:2 p.m.18 views

CVE-2026-49842

CVE-2026-49842 - FreeSWITCH mod_verto pre-auth bandwidth amplification : Before v1.11.1, FreeSWITCH’s mod_verto WebSocket frame loop processed a #-prefixed speed-test protocol (#SPU/#SPB/#SPE) prior to authentication. The payload size in #SPU was parsed with atoi() and non-positive values were re...

7.5CVSS5.4AI score0.00449EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

FreeSWITCH 资源管理错误漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and short message-based products and applications. Prior to FreeSWITCH version 1.11.1, there was a resource...

7.5CVSS5.3AI score0.00449EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.8 views

CVE-2026-49140

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS5.5AI score0.00268EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.5 views

ScaleDisturb: Exploiting Temporal Asymmetry to Amplify Read Disturbance in Modern DRAM Chips

DRAM suffers from read disturbance phenomena e.g., RowHammer and RowPress, where repeatedly accessing or continuously keeping open a DRAM row aggressor row induces bitflips in other physically nearby unaccessed rows victim rows. The disturbance mechanism is practically exploitable from the softwa...

5.5AI score
Exploits0
Rows per page
Query Builder