Lucene search
K

8349 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52009

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the fsl-mc bus. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This lead...

5.9AI score0.00157EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52006

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the rtlwifi PCI component. The irq prepare bcn tasklet is initialized in rtl pci init and scheduled upon a RTL IMR BCNINT hardware interrupt. Because thi...

5.9AI score0.00164EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51842

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the I2C TIMEOUT ioctl. The function accepts a user-provided timeout value in multiples of 10 ms. Although the argument is checked against INT MAX, it is...

5.9AI score0.00185EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2026/06/19 5:14 p.m.9 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/19 4:39 p.m.8 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: asix: Proper error handling for USB read errors has been added. The Syzbot issue with the asix driver remains the same. The problem is still present—the asixreadcmd function reads fewer bytes than requested by the caller...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: Do not delete the error page from the page cache. This change is very similar to the change made for shmem 1. It addresses the same issue, but for the HugeTLBFS mechanism instead. Currently, when a poisoned HugeTLB pag...

5.5CVSS5.9AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux 5.15

A buffer overflow vulnerability was discovered in the Linux kernel’s Intel iSMT SMBus host controller driver. This vulnerability allows a local user to crash the system by triggering the I2CSMBUSBLOCKDATA function with malicious input data. source-iocs-preserved const=I2CSMBUS...

5.5CVSS6.9AI score0.00301EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.15

A buffer overflow vulnerability was discovered in the Linux kernel’s Intel iSMT SMBus host controller driver, particularly in its handling of the I2CSMBUSBLOCKPROCCALL case using the ioctl I2CSMBUS function. This flaw could allow a local user to cause the system to crash...

5.5CVSS7AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Intel Microcode

A failure in the protection mechanism of the bus lock regulator for certain IntelR processors may allow an unauthenticated user to potentially exploit the system to cause a denial of service through network access...

6.5CVSS6.5AI score0.0075EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

The rpmsgprobe function in the drivers/rpmsg/virtiorpmsgbus.c file in the Linux kernel, prior to version 5.18.4, contains a double-free issue...

5.5CVSS6.7AI score0.00327EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 6:16 a.m.13 views

CVE-2026-55740

Nur-Alam39 bus-ticket no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad contains an unauthenticated SQL injection vulnerability in businfo.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query select from businfo where id=$busid...

9.8CVSS0.00366EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 5:48 a.m.6 views

CVE-2026-55740

Nur-Alam39 bus-ticket no released versions; latest commit 459cabdbeb99c00225b26e46e3c2c30ae1de7bad contains an unauthenticated SQL injection vulnerability in businfo.php. The busid parameter received via HTTP POST is concatenated directly into a MySQL query select from businfo where id=$busid...

9.8CVSS5.8AI score0.00366EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 1:20 p.m.8 views

CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS0.00189EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 7:18 a.m.6 views

wireshark: Improperly Controlled Sequential Memory Allocation in Wireshark

A flaw was found in the USB HID dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing an excessive consumption of memory, resulting in a denial of service...

7.5CVSS5.1AI score0.00184EPSS
Exploits2References6
Cvelist
Cvelist
added 2026/06/15 10:2 a.m.39 views

CVE-2026-34021 Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay

The Wertheim SafeController 5400, Controller 5400 - AssemblyVersion 6.11.8130.22320, uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path between the server and the microcontroller can sniff RS-485...

8.6CVSS0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/06/14 11:16 p.m.10 views

CVE-2026-12189

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been...

5.3CVSS0.00105EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.30 views

PT-2026-49074

Name of the Vulnerable Software and Affected Versions abrt-dbus affected versions not specified Description A race condition exists in the ChownProblemDir method of the abrt-dbus D-Bus service. The ChownProblemDir method opens the dump directory using DD OPEN READONLY and executes dd chown to...

7CVSS5.2AI score0.00091EPSS
Exploits0References5
NVD
NVD
added 2026/06/12 9:16 p.m.12 views

CVE-2026-44786

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, chat events for public category channels are published to MessageBus without permission scoping, so any MessageBus...

7.5CVSS0.00259EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 8:26 p.m.11 views

EUVD-2026-36560

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the MessageBus.publish call for /webhookevents/ in Jobs::RedeliverWebHookEvents did not pass groupids, leaving the channel...

4.3CVSS5.2AI score0.00211EPSS
Exploits0References1
Rows per page
Query Builder