Lucene search
+L

3186 matches found

OSV
OSV
added 2026/06/22 4:34 p.m.6 views

SUSE-SU-2026:2494-1 Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

9.8CVSS6.4AI score0.0049EPSS
Exploits7References9
RedHat Linux
RedHat Linux
added 2026/06/22 6:44 a.m.7 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00137EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/22 6:28 a.m.12 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00137EPSS
Exploits0References11
OSV
OSV
added 2026/06/22 5:47 a.m.4 views

BIT-NGINX-2026-42055 NGINX ngx_http_proxy_v2_module and ngx_http_grpc_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

9.2CVSS6.5AI score0.03552EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2026/06/22 2:43 a.m.17 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2023 : perl-DBI, perl-DBI-tests (ALAS2023-2026-1850)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1850 advisory. DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of t...

9.8CVSS6.2AI score0.00452EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mt76: fixed the crash in monitor mode with the sdio driver. The mt7921s driver may receive frames with fragment buffers. If a CTS packet is received in monitor mode, the payload is only 10 bytes, and 6 bytes of header padding ...

5.5CVSS6.6AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – added parameter checks for RSA. Requests with a source buffer size greater than the size of the key are rejected. This prevents potential integer underflow issues that might occur when copying the source scatterlist...

5.5CVSS6.3AI score0.00254EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 12:3 a.m.10 views

RLSA-2026:26610 Important: xorg-x11-server security, bug fix, and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution du...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References10
OSV
OSV
added 2026/06/19 12:1 a.m.10 views

RLSA-2026:26562 Important: xorg-x11-server-Xwayland security, bug fix, and enhancement update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch CVE-2026-50256 xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server:...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.15 views

nginx 1.13.10 < 1.30.3 / 1.31.x < 1.31.2 Buffer Overflow

The installed version of nginx is 1.13.10 prior to 1.30.3, or 1.31.x prior to 1.31.2. It is, therefore, affected by the following issue : - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the...

9.2CVSS6.6AI score0.03552EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.38 views

PT-2026-50769

Name of the Vulnerable Software and Affected Versions pam usb versions 0.9.1 and earlier Description The xfree memory release helper calls free without zeroing buffer contents first. This results in heap-allocated buffers containing sensitive data, such as one-time pad bytes read from disk, being...

4.7CVSS6AI score0.00109EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 6:6 p.m.16 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.3AI score0.00148EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 4:6 p.m.8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.3AI score0.00148EPSS
Exploits0References7
OSV
OSV
added 2026/06/17 3:16 p.m.3 views

CVE-2026-42055

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

9.2CVSS7.8AI score0.03552EPSS
Exploits1References10
OSV
OSV
added 2026/06/17 3:16 p.m.4 views

ALPINE-CVE-2026-42055

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

9.2CVSS6.5AI score0.03552EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/17 3:13 p.m.11 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.3AI score0.00148EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/17 2:4 p.m.13 views

EUVD-2026-37718

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

9.2CVSS6AI score0.03552EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/17 2:4 p.m.6 views

CVE-2026-42055

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

9.2CVSS6.5AI score0.03552EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/17 7:4 a.m.5 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities in the cryptography package

Summary IBM Cloud Pak for Data System CPDS 1.0 uses the Python cryptography package, which is affected by multiple security vulnerabilities. CVE-2026-34073 involves improper certificate validation where DNS name constraints are only validated against SANs within child certificates and not the "pe...

9.8CVSS5.5AI score0.00652EPSS
Exploits0Affected Software1
Rows per page
Query Builder