457127 matches found

CVE
added 2026/06/24 4:28 p.m. | 10 views

CVE-2026-52950

The CVE-2026-52950 issue affects the Linux kernel DRM/XE DMA-BUF path. The vulnerability is a Use-After-Free in the retry loop where a buffer object could be freed on error, potentially leading to memory corruption. The documented fix changes the sequence to allocate and initialize before the att...

7.8 CVSS | 5.7 AI score | 0.00132 EPSS
Exploits 0 | References 6
ATTACKERKB
added 2026/06/24 4:28 p.m. | 6 views

CVE-2026-52950

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

5.7 AI score | 0.00132 EPSS
Exploits 0 | References 4 | Affected Software 1
Cvelist
added 2026/06/24 4:28 p.m. | 25 views

CVE-2026-52950 drm/xe/dma-buf: fix UAF with retry loop

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8 CVSS | 0.00132 EPSS
Exploits 0 | References 3
Debian CVE
added 2026/06/24 4:28 p.m. | 3 views

CVE-2026-52950

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8 CVSS | 5.7 AI score | 0.00132 EPSS
Exploits 0
CVE
added 2026/06/24 4:26 p.m. | 8 views

CVE-2026-52945

The CVE-2026-52945 entry describes a Linux kernel vulnerability in the WireGuard component where enabling threaded NAPI can cause the decryption path for a WireGuard peer to stall under heavy network load (notably with Cilium), effectively causing a DoS for that peer while other peers remain func...

7.5 CVSS | 5.8 AI score | 0.00223 EPSS
Exploits 0 | References 4
ATTACKERKB
added 2026/06/24 4:26 p.m. | 5 views

CVE-2026-52945

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

5.7 AI score | 0.00223 EPSS
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2026/06/24 4:26 p.m. | 28 views

CVE-2026-52945 Revert "wireguard: device: enable threaded NAPI"

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5 CVSS | 0.00223 EPSS
Exploits 0 | References 4
Debian CVE
added 2026/06/24 4:26 p.m. | 3 views

CVE-2026-52945

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5 CVSS | 5.7 AI score | 0.00223 EPSS
Exploits 0
Snyk
added 2026/06/24 4:16 p.m. | 5 views

Deserialization of Untrusted Data

Overview: feast is a Python SDK for Feast. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the ApplyFeatureView handler of registryserver.py, which calls FeatureView.fromproto and deserializes the feature view's embedded user-defined function before the appl...

9.8 CVSS | 6.2 AI score | 0.00862 EPSS
Exploits 1 | References 2
NVD
added 2026/06/24 4:16 p.m. | 7 views

CVE-2026-56121

Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The userdefinedfunction.body field of an OnDemandFeatureView spec is decoded from...

9.8 CVSS | 0.00862 EPSS
Exploits 1 | References 7
NVD
added 2026/06/24 4:16 p.m. | 8 views

CVE-2026-56111

Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESHBEDLEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices. Attackers can send a single...

9.1 CVSS | 0.00542 EPSS
Exploits 1 | References 4
IBM Security Bulletins
added 2026/06/24 4:5 p.m. | 4 views

Security Bulletin: Unrestricted upload of file with dangerous type, improper certificate validation, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary: IBM Storage Defender - Resiliency Service is vulnerable to unrestricted upload of file with dangerous type, improper certificate validation, and others. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2026-3219. DESCRIPTION: pip handles concatenated tar and ZIP fil...

9.1 CVSS | 6.3 AI score | 0.00544 EPSS
Exploits 2 | Affected Software 1
CVE
added 2026/06/24 3:37 p.m. | 10 views

CVE-2026-13164

Technical details are not publicly available in the provided documents. Monitor for updates.

8.8 CVSS | 6 AI score | 0.00406 EPSS
Exploits 0 | References 2
Vulnrichment
added 2026/06/24 3:37 p.m. | 5 views

CVE-2026-13164 Unauthenticated self-registration in MailerUp allows access to stored email data

Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...

8.8 CVSS | 6 AI score | 0.00406 EPSS
Exploits 0 | References 2
ATTACKERKB
added 2026/06/24 3:37 p.m. | 6 views

CVE-2026-13164

Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...

8.8 CVSS | 6 AI score | 0.00406 EPSS
Exploits 0 | References 3
Cvelist
added 2026/06/24 3:37 p.m. | 38 views

CVE-2026-13164 Unauthenticated self-registration in MailerUp allows access to stored email data

Missing Authentication for Critical Function CWE-306 in the RegisterView apps/accounts/views.py, exposed at POST /api/auth/register/, in MailerUp 1.0.1 allows a remote, unauthenticated attacker to self-register a working account on instances where registration is intended to be restricted, becaus...

8.8 CVSS | 0.00406 EPSS
Exploits 0 | References 2
Cvelist
added 2026/06/24 2:49 p.m. | 33 views

CVE-2026-56121 Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization

Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The userdefinedfunction.body field of an OnDemandFeatureView spec is decoded from...

9.8 CVSS | 0.00862 EPSS
Exploits 1 | References 4
ATTACKERKB
added 2026/06/24 2:49 p.m. | 6 views

CVE-2026-56121

Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The userdefinedfunction.body field of an OnDemandFeatureView spec is decoded from...

9.8 CVSS | 6.8 AI score | 0.00862 EPSS
Exploits 1 | References 5
Vulnrichment
added 2026/06/24 2:49 p.m. | 10 views

CVE-2026-56121 Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization

Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the registry server. The userdefinedfunction.body field of an OnDemandFeatureView spec is decoded from...

9.8 CVSS | 6.8 AI score | 0.00862 EPSS
Exploits 1 | References 4
CVE
added 2026/06/24 2:49 p.m. | 13 views

CVE-2026-56121

Feast

9.8 CVSS | 6.8 AI score | 0.00862 EPSS
Exploits 1 | References 7