Lucene search
+L

12714 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Corrected the allocation size for bytes controls. The size of the data behind scontrol-ipccontroldata for bytes controls is as follows: 1 sizeofstruct sofipc4controldata + // kernel-only struct 2...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Systemd

Systemd, a system and service manager, as PID 1 encounters an assertion error and freezes execution when an unprivileged IPC API call is made with spurious data. In versions v249 and earlier, the effect is not an assertion error, but stack overwriting, with the content being controlled by the...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fixed a deadlock between nfcunregisterdevice and rfkillfopwrite. A deadlock can occur between nfcunregisterdevice and rfkillfopwrite due to the inverted lock order between devicelock and rfkillglobalmutex. The problemat...

5.5CVSS5.5AI score0.00089EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Chromium

The use of after-free in WebRTC in Google Chrome before version 147.0.7727.55 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

8.8CVSS8AI score0.0048EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: ipc: Fix for use-after-free in ipcmsgsendrequest The ipcmsgsendrequest function waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fil...

9.8CVSS6.9AI score0.00385EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: nfc: llcp: Fixed a memory leak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.7 views

CVE-2026-52923

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS5.6AI score0.00127EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.7 views

CVE-2026-52923

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS5.6AI score0.00127EPSS
Exploits0
OSV
OSV
added 2026/06/24 7:14 a.m.3 views

CVE-2026-52923 ipc: limit next_id allocation to the valid ID range

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.17 views

Astra Linux – Vulnerability in Chromium

A stack buffer overflow in WebRTC in Google Chrome prior to version 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00301EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/21 4:4 p.m.17 views

Malicious code in zomato-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0a12373009dd17131e45f4d20570904f2b8074367ee8b121e60a3ce5764fa00 The package's package.json declares a preinstall lifecycle hook that runs curl to POST the installer's hostname, whoami, current working directory, a...

6AI score
Exploits0References1
OSV
OSV
added 2026/06/21 4:4 p.m.17 views

MAL-2026-6253 Malicious code in zomato-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0a12373009dd17131e45f4d20570904f2b8074367ee8b121e60a3ce5764fa00 The package's package.json declares a preinstall lifecycle hook that runs curl to POST the installer's hostname, whoami, current working directory, a...

6AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/19 4:28 p.m.18 views

CVE-2026-56208

A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when glaginframes is set to 1 or higher. This results in a 232-byte...

7.6CVSS6.2AI score0.00275EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/19 8:50 a.m.9 views

CVE-2026-12461

An out of bounds read flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517727318...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.23 views

PT-2026-50829

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP affected versions not specified Description An Expected Behavior Violation allows a remote attacker to cause a denial-of-service DoS condition. By continuously...

8.7CVSS5.9AI score0.00367EPSS
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 9:55 a.m.14 views

Malicious code in final-poc-usa (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3c22cc39c10bad2886efadd5b8667bc3c0b70e51efdec8f7f75e801c370c90b Source: ossf-package-analysis 6cc39e355e69ec11b0532da1e2b2a418601a4c5594b100ba6f054f0e52be44be The OpenSSF Package Analysis project identified...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 9:25 a.m.16 views

Malicious code in final-shoaib (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a4b7c42d877e678dab0b56186898c13b0e537f9371ce2a3beee0fdf7279ef6d Source: ossf-package-analysis f67c342dc8bb7b3c1a396b89796f09865373db04cd9b08034e6087bf47b324ef The OpenSSF Package Analysis project identified...

5.3AI score
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.14 views

CVE-2026-0083

In Nfc::eventCallback of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00121EPSS
Exploits0References1
Fedora
Fedora
added 2026/06/17 8:44 a.m.24 views

[SECURITY] Fedora 44 Update: nss-3.124.0-1.fc44

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

5.4AI score
Exploits0
Cvelist
Cvelist
added 2026/06/17 7:15 a.m.40 views

CVE-2026-0083

In Nfc::eventCallback of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS0.00121EPSS
Exploits0References1
Rows per page
Query Builder