Lucene search
K

587 matches found

CVE
CVE
added 5 days ago9 views

CVE-2026-42952

CVE-2026-42952 concerns the Hydro-Québec Le Circuit Électrique charging-station backend. The issue is an improper restriction of excessive authentication attempts due to lack of throttling, which could enable a denial-of-service condition. Technical details in the connected records indicate an ex...

8.7CVSS6.1AI score0.0038EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.13 views

PT-2026-55274

Name of the Vulnerable Software and Affected Versions Fiber versions prior to 3.3.0 Description The default Authorizer function in the BasicAuth middleware, located in middleware/basicauth/config.go, uses short-circuit evaluation when validating credentials. If a username does not exist, the syst...

5.3CVSS6AI score0.00516EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/07/01 5:1 p.m.7 views

CVE-2026-53339

A flaw was found in the Linux kernel's i2c-qcom-cci driver. This vulnerability occurs when the device unbinding or driver removal process is initiated on systems where only one I2C master is initialized, despite the Qualcomm CCI controller providing two. This can lead to a NULL pointer dereferenc...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/01 1:32 p.m.7 views

EUVD-2026-40974

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...

5.8AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 1:32 p.m.9 views

EUVD-2026-40973

In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-cci: Fix NULL pointer dereference in cciremove On all modern platforms Qualcomm CCI controller provides two I2C masters, and on particular boards only one I2C master may be initialized, and in such cases the device...

5.8AI score0.00164EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/26 7:40 p.m.7 views

EUVD-2026-39884

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.8AI score0.00122EPSS
Exploits0References6
CVE
CVE
added 2026/06/26 7:40 p.m.15 views

CVE-2026-53279

CVE-2026-53279 affects the Linux kernel driver path drm/gma500/oaktrail_lvds. The issue occurs during LVDS initialization where the code looks up an I2C adapter (via i2c_get_adapter) and may read EDID, then either uses the adapter or falls back to allocating/registering its own adapter. On late i...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 3:1 p.m.8 views

CVE-2026-52948

A flaw was found in the Linux kernel's I2C Inter-Integrated Circuit subsystem. A malicious local user can exploit an integer overflow vulnerability in the I2CTIMEOUT ioctl. By providing a large timeout value, the multiplication by 10 causes an overflow, leading to a truncated value. This results ...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 9:31 a.m.3 views

EUVD-2026-39342

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...

6AI score0.00143EPSS
Exploits0References9
CVE
CVE
added 2026/06/24 4:26 p.m.12 views

CVE-2026-52948

CVE-2026-52948 affects the Linux kernel I2C subsystem (i2c: dev) where the I2C_TIMEOUT ioctl accepts a user timeout in 10 ms steps. The argument is checked against INT_MAX but is then multiplied by 10 before passing to msecs_to_jiffies(). A malicious user can pass a value (e.g., 429496729) that p...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2026/06/09 5:16 a.m.45 views

CVE-2026-41710

An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to...

5.9CVSS0.0028EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 3:48 a.m.10 views

EUVD-2026-35321

An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to...

5.9CVSS5.5AI score0.0028EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47646

Name of the Vulnerable Software and Affected Versions Spring Retry versions 2.0.0 through 2.0.12 Spring Retry versions 1.3.0 through 1.3.4 Description An attacker can send a large volume of unique requests that trigger failures, which exhausts the capacity of the application-wide stateful retry...

5.9CVSS5.8AI score0.0028EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.11 views

CVE-2026-49325

Improper handling of physical conditions in the bike-shutdown control of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows a physical attacker with access to the Wireless Control Module WCM wiring harness to bypass the anti-theft shutdown. The WCM signals shutdown to a peer ECU via...

4.6CVSS5.5AI score0.0016EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 12:37 p.m.20 views

CVE-2026-49325

The CVE affects the Indian Motorcycle Scout Bobber + Tech 2025 model year, where the Wireless Control Module (WCM) wiring harness controls anti‑theft shutdown. A falling‑edge voltage transition on a dedicated wire pair signals shutdown to a peer ECU, but the receiving ECU cannot distinguish an ac...

4.6CVSS5.8AI score0.0016EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/28 9:41 a.m.12 views

EUVD-2026-32757

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

5.8AI score0.00105EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/28 4:2 a.m.14 views

CVE-2026-45865

A flaw was found in the Linux kernel's Message Control Transport Protocol MCTP over I2C Inter-Integrated Circuit implementation. A local attacker could exploit this vulnerability by performing I2C reads on an MCTP-I2C device. This could lead to the disclosure of uninitialized stack memory,...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.13 views

Dissecting the Black Box: Circuit-Level Analysis of LLM Vulnerability Detection

Large language models LLMs can detect software vulnerabilities, but how do they actually identify vulnerable code? We address this question using mechanistic interpretability; analyzing the internal computations of a neural network to understand its reasoning process.Using Circuit Tracer on...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-45941

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmi2cinfineon: Fix locality leak on getburstcount failure getburstcount can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43808

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A locality leak occurs in the tpm i2c infineon component. When the get burstcount function returns -EBUSY due to a timeout, it exits immediately without releasing the locality previously...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
Rows per page
Query Builder