Lucene search
+L

121 matches found

OSV
OSV
added 5 days ago7 views

JLSEC-2026-731 In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when...

In TLSXEchChangeSNI, the ctx-extensions branch set extensions unconditionally even when TLSXFind returned NULL. This caused TLSXUseSNI to attach the attacker-controlled publicName to the shared WOLFSSLCTX when no inner SNI was configured. TLSXEchRestoreSNI then failed to clean it up because its...

9.1CVSS6.1AI score0.00393EPSS
Exploits0References3
NVD
NVD
added 2026/07/10 9:17 p.m.7 views

CVE-2026-7639

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

7.8CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 1:32 p.m.14 views

CVE-2026-6101

The CVE-2026-6101 entry affects the AMP for WP – Accelerated Mobile Pages WordPress plugin (versions up to and including 1.1.12). The vulnerability arises from unsafe ZIP extraction in ampforwp_save_local_font() plus inadequate cleanup that omits removal of nested directories/files, enabling auth...

7.5CVSS6.7AI score0.00646EPSS
Exploits0References10
EUVD
EUVD
added 2026/07/06 9:54 p.m.7 views

EUVD-2026-25004

mknod: Device nodes created mislabeled on SELinux, with broken cleanup removedir on a node...

4.4CVSS5.9AI score0.00142EPSS
Exploits1References5
CVE
CVE
added 2026/06/30 2:21 p.m.15 views

CVE-2026-44947

CVE-2026-44947 describes a missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher, affecting versions 2.13.0–2.13.7 and 2.14.0–2.14.3. The issue allows users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those per...

6.9CVSS5.7AI score0.00229EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 7:40 p.m.16 views

CVE-2026-53299

CVE-2026-53299 affects the Linux kernel net:airoha component. The vulnerability stems from premature initialization of ndesc in airoha_qdma_init_tx_queue; if queue entry list allocation fails, airoha_qdma_cleanup_tx_queue() may dereference a NULL queue entry array, potentially causing a DoS/syste...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fixed an issue where missing cleanup was performed after a getburstcount call failed. getburstcount may return -EBUSY when it times out. In such cases, st33zp24send returns directly without releasing the locality...

5.5CVSS5.7AI score0.00163EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.12 views

draw.io 跨站脚本漏洞

Draw.IO is an open-source configurable charting and whiteboard application. Versions of Draw.IO prior to 29.7.12 had a cross-site scripting vulnerability. This vulnerability occurred because the feature detection routine in the Text Format panel did not clean up the original cell labels, allowing...

6.1CVSS5.4AI score0.00221EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:41 a.m.12 views

CVE-2026-46235

In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...

5.8AI score0.00119EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/28 2:21 a.m.15 views

kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm: tpmi2cinfineon: Fix locality leak on getburstcount failure getburstcount can return -EBUSY on timeout. When this happens, the function returns directly...

5.5CVSS6.2AI score0.00123EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in versions of Mattermost 11.6.0 and earlier 11.6.x series, as well as versions prior to 11.5.3 11.5.x series, 11.4.4 and earlier 11.4.x series, and 10.11.14 and earlier 10.11.x...

4.3CVSS5.8AI score0.00184EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cxl/region: Do not attempt cleanup after a failure in cxlRegionAttach. Commit 5e42bcbc3fef “cxl/region: Decrement -nrtargets in case of errors in cxlRegionAttach” attempted to prevent initialization errors when -nrtargets...

5.5CVSS6AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: Potential allocated iovec in the cache may be freed after a failure. If a read/write request passes through ioreqrwcleanup, and an allocated iovec is attached to the request but fails to be placed into the rwcache, it...

5.5CVSS5.1AI score0.001EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: A buggy exit annotation for the remove function was removed. With tpd12s015remove marked with exit, this function is discarded when the driver is compiled as a built-in component. As a result, when the driv...

5.5CVSS5.6AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: Fixed possible memory leaks in dsaloopinit. kmemleak: Reported memory leaks in dsaloopinit: kmemleak: 12 new suspected memory leaks. Unreferenced object 0xffff8880138ce000 size 2048: comm "modprobe", pid 390, jiffies...

5.5CVSS6AI score0.00155EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/19 1:31 p.m.23 views

kernel: nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails

In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. syzbot reported a warning below 1 following a fault injection in nfsfsprocnetinit. 0 When nfsfsprocnetinit fails, /proc/net/rpc/nfs is not removed. Later, rpcprocexit...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28675

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block IP blocks may have a NULL version pointer. During cleanup in amdgpudevicefinihw, the code calls...

5.8AI score0.00121EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to properly clean up the userspace infrastructure when force-feed initialization fails in the...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the leakage of mechToken after the SPNEGO decoding fails. This vulnerability arises due to an err...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References2
Rows per page
Query Builder