Lucene search
+L

1145 matches found

NVD
NVD
added 2026/02/18 4:22 p.m.11 views

CVE-2026-23225

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...

7.8CVSS0.00113EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/18 4:22 p.m.7 views

CVE-2026-23225

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...

7.8CVSS5.8AI score0.00113EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/18 2:53 p.m.1 views

CVE-2026-23225

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...

5AI score0.00113EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/18 2:53 p.m.21 views

CVE-2026-23225

CVE-2026-23225 affects the Linux kernel MMCID mode switch logic. The issue arises when the per-other CPU CID ownership state (TRANSIT) is set but the CID is not CPU-owned, causing mm_drop_cid_on_cpu() to clear ONCPU and then touch an invalid bit, yielding an out-of-bounds access. The root cause i...

7.8CVSS5.3AI score0.00113EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF,...

7.8CVSS5.8AI score0.00113EPSS
Exploits0References2
Fedora
Fedora
added 2026/02/01 12:50 a.m.10 views

[SECURITY] Fedora 43 Update: fontforge-20230101-19.fc43

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

8.8CVSS7.2AI score0.0058EPSS
Exploits0
OSV
OSV
added 2026/01/28 12:15 p.m.5 views

CVE-2025-59892

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8CVSS5.9AI score0.00127EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/28 11:52 a.m.5 views

EUVD-2025-206490

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS6AI score0.00127EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/28 11:52 a.m.3 views

CVE-2025-59892

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS6AI score0.00127EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2026/01/28 11:52 a.m.14 views

CVE-2025-59892

Cross-Site Request Forgery (CSRF) vulnerability affecting Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. Root cause: lack of proper CSRF token implementation allows an authenticated user to cause actions on behalf of another user. Practical impact includes unauthentica...

8.5CVSS6AI score0.00127EPSS
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000722)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000722 advisory. The slhcinit function in drivers/net/slip/slhc.c in the Linux kernel through 4.2.3 does not ensure that certain slot numbers are valid, which allows local users to...

4.9CVSS6.2AI score0.00646EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004026)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004026 advisory. The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgaconscrolldelta out-of-bounds read, aka CID-973c096f6a85. Tenable...

5.9CVSS6.5AI score0.00519EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004170)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004170 advisory. A memory leak in the cx23888irprobe function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of servi...

4.7CVSS6.5AI score0.00446EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001380)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001380 advisory. An issue was discovered in fs/fuse/fusei.h in the Linux kernel before 5.11.8. A stall on CPU can occur because a retry loop continually finds the same bad inode, aka...

5.5CVSS6.5AI score0.0036EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004198)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004198 advisory. A memory leak in the unittestdataadd function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service memory...

7.8CVSS6.9AI score0.03551EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.8 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004053)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004053 advisory. In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sasdiscover.c because of mishandling of port disconnection during...

4.7CVSS6.4AI score0.00654EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001443 advisory. An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering destruction of...

5.5CVSS6.4AI score0.00335EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004385)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004385 advisory. An issue was discovered in slcbump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized canframe data,...

4.4CVSS6.5AI score0.00722EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003840)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003840 advisory. An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hcievent.c has a slab out-of- bounds read in hciextendedinquiryresultevt, aka CID-51c19bf3d5c...

7.1CVSS6.7AI score0.00536EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004011 advisory. In the Linux kernel before 5.0.6, there is a NULL pointer dereference in dropsysctltable in fs/proc/procsysctl.c, related to putlinks, aka CID-23da9588037e. Tenable...

5.5CVSS6.6AI score0.00477EPSS
Exploits0References9
Rows per page
Query Builder