Lucene search
K

1434 matches found

Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55986

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when processing multiple IOCTL Input/Output Control calls that use the same buffer file descriptor input. This issue is caused by a...

7.8CVSS6.1AI score0.00064EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.13 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.5AI score0.004EPSS
Exploits0References5
NVD
NVD
added 2026/06/30 5:16 p.m.10 views

CVE-2026-10653

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

8.1CVSS0.00237EPSS
Exploits1References2
Fedora
Fedora
added 2026/06/27 12:56 a.m.6 views

[SECURITY] Fedora 43 Update: nginx-1.30.3-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

9.2CVSS7AI score0.03459EPSS
Exploits4
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS0.00126EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:40 p.m.7 views

EUVD-2026-39838

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

5.8AI score0.00126EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.6 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS5.7AI score0.00126EPSS
Exploits0
OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5228 Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence in github.com/juju/juju

Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence in github.com/juju/juju...

6.4CVSS5.8AI score0.00243EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.6 views

CVE-2026-52988

A flaw was found in the Linux kernel's netfilter component. This vulnerability involves a concurrency issue during updates to netfilter rulesets. When multiple updates occur simultaneously, improper synchronization could lead to unsafe data access during netlink dump list traversal. This could...

7.1CVSS5.7AI score0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53259

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

7.8CVSS0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53153

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

7.8CVSS0.00106EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53269

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

7.3CVSS5.7AI score0.00119EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53269

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.7AI score0.00119EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.25 views

CVE-2026-53265

The CVE-2026-53265 entry describes a Linux kernel race in the dm-cache policy SMQ path. A check-then-act race occurs in smq_invalidate_mapping where an e->allocated check was left outside the mq->lock after the destructive section was serialized; two concurrent invalidators can observe allo...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS0.00138EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53240 xfrm: iptfs: fix use-after-free on first_skb in __input_process_payload

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...

8.8CVSS0.00418EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:38 a.m.17 views

CVE-2026-53153

CVE-2026-53153 affects the Linux kernel memcg list_lru path. A race during memcg_reparent_list_lrus() clears the dying memcg’s xarray entry before reparenting per-node lists, letting concurrent list_lru_del/walk operate on the parent and corrupt next/prev pointers. The fix reverses the order: rep...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39244

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

5.8AI score0.00106EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 5:17 p.m.3 views

UBUNTU-CVE-2026-54904

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...

8.2CVSS5.9AI score0.00278EPSS
Exploits1References3
CVE
CVE
added 2026/06/24 4:30 p.m.18 views

CVE-2026-53071

CVE-2026-53071 concerns the Linux kernel Bluetooth L2CAP implementation. The flaw arises when l2cap_ecred_reconf_rsp() deletes a channel without holding l2cap_chan_lock(), unlike other callers which acquire the lock first. This can allow a remote BLE device to corrupt the channel list while anoth...

8.8CVSS5.8AI score0.00266EPSS
Exploits0References11
Rows per page
Query Builder