Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 11:45 a.m.6 views

CVE-2026-53042

A flaw was found in the Linux kernel's fwctl module. An issue with the class initialization ordering can lead to a null pointer dereference when a device is removed. This can cause a system crash, resulting in a Denial of Service DoS...

5.5CVSS5.8AI score0.00166EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:29 p.m.9 views

EUVD-2026-38910

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.8AI score0.00166EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 4:29 p.m.3 views

CVE-2026-53042 fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.5CVSS5.8AI score0.00166EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51936

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fwctl component where incorrect class initialization ordering can lead to a NULL pointer dereference during device removal. Because CXL is linked before fwctl in t...

6AI score0.00166EPSS
Exploits0References12
Snyk
Snyk
added 2026/05/04 6:26 p.m.22 views

Unsafe Reflection

Overview Affected versions of this package are vulnerable to Unsafe Reflection that leads to arbitrary class instantiation, via the instantiateExtension method in the ExtensionLoader class. An attacker can trigger the static initializer of any class present on the classpath by supplying a model...

9.8CVSS6.1AI score0.00692EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 5:16 p.m.14 views

CVE-2026-42027

Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 1.9.5, before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.instantiateExtensionClass, String method loads a class by its fully-qualified name via Class.forName and invokes its...

9.8CVSS0.00692EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29428

Malicious code in bioql PyPI...

6.6AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/07/15 3:35 p.m.5 views

Measured is vulnerable to Path Traversal attacks during class initialization

Impact A path traversal vulnerability exists where an attacker with access to manipulate inputs when initializing the Measured::Cache::Json class would be able to instruct the library to read arbitrary files. Patches Users should update to the latest version...

7AI score
Exploits0References3Affected Software1
OSV
OSV
added 2025/07/15 3:35 p.m.3 views

GHSA-29G5-M8V7-V564 Measured is vulnerable to Path Traversal attacks during class initialization

Impact A path traversal vulnerability exists where an attacker with access to manipulate inputs when initializing the Measured::Cache::Json class would be able to instruct the library to read arbitrary files. Patches Users should update to the latest version...

7.1CVSS7AI score
Exploits0References3
CNNVD
CNNVD
added 2021/04/21 12:0 a.m.5 views

Eclipse OpenJ9 安全漏洞

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A security vulnerability exists in Eclipse Openj9 version 0.25, which stems from the fact that the jdk.internal.reflect.ConstantPool API causes the JVM to pre-parse...

6.5CVSS5.6AI score0.01104EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2019/02/12 12:0 a.m.183 views

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:0161-1 Rating: important References: 1120431 1122293 1122299 Cross-References: CVE-2018-11212 CVE-2019-2422 CVE-2019-2426 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilitie...

6.5CVSS8.3AI score0.05074EPSS
Exploits1References3
Rows per page
Query Builder