CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fixed double-kfree issue. The function ‘mpcrcvdsweepreqmpcginfo’ is called conditionally from the function ‘ctcmpcunpackskb’. It frees the passed mpcginfo. After that, a call to the function ‘kfree’ within the function...

6.1AI score0.00177EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux - Vulnerability in linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A serious bug in clang's implementation of -fzero-call-used-regs can result NULL pointer dereferences see the links above the check for more information. Restrict...

5.7AI score0.00201EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: msc313: The mismatch between function prototypes in msc313rtcprobe has been fixed. With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer...

5.5CVSS5.7AI score0.00143EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch addressed a issue related to KASAN in stv0367; now a similar problem has emerged with clang: drivers/media/dvb-frontends/stv0367.c:1222:12: Error:...

7.8CVSS5.7AI score0.0033EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed the type of the second parameter in the odneditdpmtable callback. With Clang’s kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer...

5.4AI score0.00201EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•12 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fixed a mismatch in the function prototype in sndseqexpandvarevent. With Clang’s Kernel Control Flow Integrity kCFI; CONFIGCFICLANG feature, indirect call targets are validated against the expected function pointer...

5.5CVSS6.1AI score0.00235EPSS

Fedora•added 2026/06/09 1:27 a.m.•8 views

[SECURITY] Fedora 43 Update: mingw-objfw-1.5.5-1.fc43

ObjFW is a portable, lightweight framework for the Objective-C language. It enables you to write an application in Objective-C that will run on any platform supported by ObjFW without having to worry about differences between operating systems or various frameworks you would otherwise need if you...

5.4AI score

Fedora•added 2026/06/09 1:22 a.m.•10 views

[SECURITY] Fedora 44 Update: objfw-1.5.5-1.fc44

5.4AI score

Fedora•added 2026/06/09 1:22 a.m.•12 views

[SECURITY] Fedora 44 Update: mingw-objfw-1.5.5-1.fc44

5.4AI score

Fedora•added 2026/06/01 12:49 a.m.•18 views

[SECURITY] Fedora 44 Update: objfw-1.5.4-1.fc44

5.8AI score

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: drm/sti: The return type of stidvo,hda,hdmiconnectormodevalid has been corrected. With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer...

5.5CVSS5.8AI score0.00149EPSS

RedhatCVE•added 2026/05/11 8:26 p.m.•10 views

CVE-2026-45181

Hex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not block Clang dependency-file generation via argument injection, which allows attackers to place their code into a plugins directory if the victim uses an attacker-supplied .i64 file...

NVD•added 2026/05/09 10:16 p.m.•27 views

CVE-2026-45181

6.5CVSS0.00159EPSS

CVE•added 2026/05/09 9:47 p.m.•15 views

CVE-2026-45181

Hex-Rays IDA Pro 9.2 and 9.3 prior to 9.3sp2 do not block Clang dependency-file generation, enabling argument-injection via attacker-supplied .i64 files to place code into a plugins directory. Root cause: missing validation in dependency-file generation. Impact: local attacker could achieve code ...

ATTACKERKB•added 2026/05/09 9:47 p.m.•4 views

CVE-2026-45181

Exploits0References3Affected Software1

Vulnrichment•added 2026/05/09 9:47 p.m.•8 views

CVE-2026-45181

CNNVD•added 2026/05/09 12:0 a.m.•8 views

Hex-Rays IDA Pro 参数注入漏洞

Hex-Rays IDA Pro is a professional reverse-engineering tool developed by the Belgian company Hex-Rays. It is used for disassembly and program analysis. Versions of Hex-Rays IDA Pro from 9.2 to 9.3sp2 contained a parameter injection vulnerability. This vulnerability stemmed from the lack of...

Positive Technologies•added 2026/05/09 12:0 a.m.•16 views

PT-2026-39420

Name of the Vulnerable Software and Affected Versions Hex-Rays IDA Pro versions 9.2 through 9.3 Hex-Rays IDA Pro versions prior to 9.3sp2 Description An argument injection flaw exists where the software fails to block Clang dependency-file generation. This allows an attacker to place malicious co...