Lucene search
K

8 matches found

OSV
OSV
added 2026/06/12 8:9 p.m.5 views

GHSA-CHGR-C6PX-7XPP PyO3 has a missing `Sync` bound on `PyCFunction::new_closure` closures

PyCFunction::newclosure and the temporary newclosurebound complement in the 0.21–0.22 series required the supplied closure to be Send + 'static but not Sync. The resulting PyCFunction is a Python callable that can be invoked from any Python thread, which means the closure may be called concurrent...

6.3CVSS5.7AI score
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of serialization in the VFIODEVICESETIRQS operation within the vfio/cdx driver. This...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/13 6:30 p.m.25 views

EUVD-2026-30020

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid bitfield RMW for claim/retune flags Move claimed and retune control flags out of the bitfield word to avoid unrelated RMW side effects in asynchronous contexts. The host-claimed bit shared a word with retune flag...

5.8AI score0.00114EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper use of the tcon field in the cifs driver’s locking mechanism. This vulnerability may lead to...

8.8CVSS5.8AI score0.00298EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/03/27 8:10 a.m.2 views

CVE-2025-59028

When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable server to break concurrent logins. Install fixed version or disable concurrency in login processes hea...

7.5CVSS5.9AI score0.00447EPSS
Exploits0References1
CVE
CVE
added 2026/02/02 8:38 p.m.22 views

CVE-2026-24040

The CVE-2026-24040 issue affects jspdf in versions prior to 4.1.0, where the addJS method uses a module-scoped shared variable to store JavaScript content. In concurrent environments (notably Node.js servers), this shared state can be overwritten by simultaneous requests, causing cross-user data ...

6.3CVSS5.3AI score0.00253EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/04/16 3:15 p.m.3 views

UBUNTU-CVE-2025-22060

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached shadow SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly accessed by configuring an...

4.7CVSS6.2AI score0.00119EPSS
Exploits0References40
RedHat Linux
RedHat Linux
added 2024/06/26 12:9 a.m.6 views

kernel: net: hns3: do not allow call hns3_nic_net_open repeatedly

A vulnerability was discovered in the Linux kernel's hns3 network driver. The hns3nicnetopen function is designed to be called only once per device instance. However, due to insufficient checks, multiple calls to this function are possible. This can lead to scenarios where hns3nicnetopen is invok...

5.5CVSS7.2AI score0.00244EPSS
Exploits0References5
Rows per page
Query Builder