Lucene search
K

257 matches found

OSV
OSV
added 2026/06/15 12:6 p.m.16 views

RXSA-2026:25121 Critical: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 kernel: smc: Fix use-after-free in tcpwritetimerhandler CVE-2023-53781 kernel: nbd: defer config unlock in nbdgenlconnect...

8.8CVSS6.3AI score0.00563EPSS
Exploits0References14
Rockylinux
Rockylinux
added 2026/06/12 6:1 p.m.18 views

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

9.8CVSS6.5AI score0.00563EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/06/09 8:18 a.m.13 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex...

9.3CVSS6AI score0.00563EPSS
Exploits16References98
RedHat Linux
RedHat Linux
added 2026/06/04 3:52 p.m.10 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.4AI score0.00563EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/03 7:37 p.m.54 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.4AI score0.00563EPSS
Exploits0References5
OSV
OSV
added 2026/05/20 6:33 p.m.8 views

MAL-2026-4507 Malicious code in cb-wallet-http (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8d704c0a6a48da0e2fef8eddcd1f98e7d380c3e19f22753f3df51d9893f60ce Package name mimics Coinbase's internal cb-wallet- namespace to capture dependency-confusion resolutions. On npm install postinstall.js and on...

5.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning without locking it. Use READONCE in those functions. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart...

6AI score0.00209EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 2:34 a.m.12 views

Malicious code in cb-wallet-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d076ee3d487c7c10f785494c4391e39eb327b696224d5653746144fa5ac8d37 Package name 'cb-wallet-data' targets a presumed Coinbase-internal namespace and is published by an unaffiliated party. Both postinstall.js npm insta...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/20 2:34 a.m.9 views

MAL-2026-4506 Malicious code in cb-wallet-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d076ee3d487c7c10f785494c4391e39eb327b696224d5653746144fa5ac8d37 Package name 'cb-wallet-data' targets a presumed Coinbase-internal namespace and is published by an unaffiliated party. Both postinstall.js npm insta...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-43037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 recei...

9.8CVSS6.3AI score0.00563EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.31 views

CVE-2026-43038 ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...

9.8CVSS0.00255EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ip6errgenicmpv6unreach function failing to clear the cb array of skb2, which results in the IPv4 cb...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer error vulnerability that stems from the ip4ip6err function failing to clear the cb array of skb2, which results in the IPv6 cb structure...

9.8CVSS6.2AI score0.00563EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011227)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011227 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read...

5.9AI score0.00209EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013055)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013055 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read...

5.7AI score0.00209EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013142 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read...

5.7AI score0.00209EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/04/16 12:0 a.m.3 views

CVE-2026-30656

A NULL pointer dereference vulnerability exists in fio Flexible I/O Tester v3.41 when parsing job files containing the fdppli option. The callback function strfdpplicb does not validate the input pointer and calls strdup on a NULL value when the option is specified without an argument. This resul...

7.5CVSS5.2AI score0.00278EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006738 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvti: fix potential slab-use-after-free in decodesession6 When ipvti device is set to the qdisc ...

7.8CVSS6.3AI score0.00139EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/12 1:56 a.m.8 views

Malicious code in b2b-common-cb-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0699be4242e2a015c76aad1b5ee1f2482f01a59017778511108ed33b8729a8e The package b2b-common-cb-lib was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Snyk
Snyk
added 2026/03/12 1:56 a.m.1 views

Malicious Package

Overview b2b-common-cb-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder