Lucene search
K

245 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-53109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/pgtable-frag: Fix bad page state in ptefragdestroy powerpc uses ptfragrefcount as a reference counter for tracking it's pte and pmd page table fragments...

6AI score0.00161EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for file systems will collapse the THP for files that are opened in read-only mode and mapped with VMEXEC. The intended use case is to avoid TLB misses f...

5.5CVSS5.8AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: Invoking MMU notifiers in shmem/file collapse paths. Any code path that updates page table entries must invoke MMU notifiers to ensure that secondary MMUs such as those related to KVM do not continue to access page...

7.8CVSS6.2AI score0.00251EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability stems from reachable assert0 calls within the stub message processor, which could allow remote unauthenticated attackers to send E2AP message...

7.5CVSS5.4AI score0.00415EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from the use of the assert function to enforce mapping relationships before sending the E2SETUPREQUEST message. This could allow remote...

7.5CVSS5.4AI score0.00347EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm, thp: Bail out early for writeback pages in collapsefile Currently, collapsefile does not explicitly check PGwriteback. Instead, pagehasprivate and trytoreleasepage are used to filter writeback pages. This approach does not wo...

5.5CVSS5.7AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/MADVCOLLAPSE: handling !none !huge !bad pmd lookups In commit 34488399fa08 “mm/madvise: adding file and shmem support to MADVCOLLAPSE”, we made the following change to findpmdorthpornone: – if !pmdpresentpmde return...

4.7CVSS6.1AI score0.00106EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fixed the latency and residency issues during CPU/L2 idle states. The entry/exit latency and minimum residency in the idle states of the MSM8998 device were incorrect. Firstly, the timings were set for...

5.5CVSS5.2AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm: thp: Deny THP for files on anonymous inodes The filethpenabled function incorrectly allows THP for files on anonymous inodes e.g., guestmemfd and secretmem. These files are created using allocfilepseudo, which does not cal...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb3: Fixed temporary data corruption in the collapse range. The “collapse range” does not discard the affected cached regions; therefore, there is a risk of temporarily corrupting the file data. This fix corresponds to bug xfste...

3.3CVSS6.2AI score0.00195EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fixed an issue where incorrect filemapcount values were stored for non-leaf pmd/puds. The page table check trigger BUGON occurred unexpectedly when collapsing hugepages: ------------ cut here ------------ Kernel bug at...

5.5CVSS5.5AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fixed the flushtlbrange function when it is used to erase normal PMD entries entries that point to page tables, along with the PTE entries in the pointed-to page tables. In the arm64 version of flushtlbrange, there is a...

5.5CVSS6.2AI score0.00186EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.10 views

Widening the Gap: Exploiting LLM Quantization Via Outlier Injection

LLM quantization has become essential for memory-efficient deployment. Recent work has shown that quantization schemes can pose critical security risks: an adversary may release a model that appears benign in full precision but exhibits malicious behavior once quantized by users. However, existin...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/23 12:0 a.m.8 views

Risk Models As Mediating Artifacts: A Postphenomenological Analysis of the CIIM Framework in Cybersecurity Practice

This article applies postphenomenological theory to the field of cybersecurity risk management, arguing that formal risk models function as mediating artifacts that shape how security practitioners or analysts perceive, interpret, and act on threats. Based on Don Ihde's taxonomy on human-technolo...

5.3AI score
Exploits0
OSV
OSV
added 2026/04/22 8:48 a.m.10 views

MAL-2026-2984 Malicious code in @bmg-web/bmg-collapse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fac63a733e9add336ae6a3fa8cf87b72abbe29bb1efeb397b54dd35f2875fcd The package @bmg-web/bmg-collapse was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 8:48 a.m.15 views

Malicious code in @bmg-web/bmg-collapse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fac63a733e9add336ae6a3fa8cf87b72abbe29bb1efeb397b54dd35f2875fcd The package @bmg-web/bmg-collapse was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
NVD
NVD
added 2026/04/09 10:16 p.m.10 views

CVE-2026-35635

OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access...

6.5CVSS0.00245EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:27 p.m.1 views

CVE-2026-35635

OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that allows attackers to collapse multi-account configurations onto shared webhook paths. Attackers can exploit inherited or duplicate webhook paths to bypass per-account DM access...

6.3CVSS6AI score0.00245EPSS
Exploits0References5
NVD
NVD
added 2026/04/07 5:16 p.m.9 views

CVE-2026-35615

PraisonAI is a multi-agent teams system. Prior to 1.5.113, validatepath calls os.path.normpath first, which collapses .. sequences, then checks for '..' in normalized. Since .. is already collapsed, the check always passes. This makes the check completely useless and allows trivial path traversal...

9.2CVSS0.00416EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 11:0 a.m.3 views

Security Bulletin: Cross-Site Scripting (XSS) Vulnerability in data-target Attribute Handling in Bootstrap, affects watsonx.data

Summary A Cross-Site Scripting XSS vulnerability in Bootstrap versions before 3.4.0 and 4.0.0-beta.2 allows attackers to inject malicious code via the data-target attribute due to improper input handling. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2016-10735 DESCRIPTION: In...

6.4CVSS6.5AI score0.1686EPSS
Exploits6Affected Software1
Rows per page
Query Builder