Lucene search
+L

1458 matches found

OSV
OSV
added 2 days ago5 views

GHSA-8FV2-88GG-HM7Q Envoy Gateway: Wasm cache ServeHTTP reads mappingPath2Cache without lock

Vulnerability report without repro case. Repro case may be added later after harness is complete. Preconditions 4: - Pod-network reachability to :18002 no auth - Tenant can create EnvoyExtensionPolicy baseline - Attacker pod floods GET while churning EnvoyExtensionPolicy with distinct Wasm URLs -...

5.3CVSS6.1AI score0.0004EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 3 days ago11 views

ViewComponent: Reused Component Instances Retain Stale Render Context

Reused Component Instances Retain Stale Render Context Summary ViewComponent::Base instances retain multiple render-scoped objects across calls to renderin. If the same component, collection, or spacer component instance is reused across requests, users, tenants, or threads, later renders can use...

6.8CVSS6.1AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-53518

Better Auth is an authentication and authorization library for TypeScript. From 1.6.0 until 1.6.11, the @better-auth/oauth-provider POST /oauth2/token endpoint for the authorizationcode grant redeems a single-use authorization code through a non-atomic find-then-delete sequence, allowing two...

7.6CVSS6.1AI score0.00496EPSS
Exploits0References4Affected Software1
CVE
CVE
added 4 days ago7 views

CVE-2026-49806

The vulnerability CVE-2026-49806 affects the Windows USB Print Driver and is caused by a race condition from concurrent access to a shared resource due to improper synchronization. This leads to local privilege escalation by an authenticated, local attacker. The CVE’s base metrics indicate a LOCA...

7CVSS6.1AI score0.00153EPSS
Exploits0References1Affected Software4
RedHat Linux
RedHat Linux
added 5 days ago6 views

kernel: eventpoll: defer struct eventpoll free to RCU grace period

A flaw was found in the Linux kernel's eventpoll component. In certain situations, the epfree function in eventpoll.c can prematurely free the eventpoll data structure while it is still being used by another concurrent thread. This use-after-free UAF vulnerability could allow a local attacker to...

7.8CVSS6.1AI score0.00129EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/07/10 1:19 p.m.13 views

kernel: eventpoll: defer struct eventpoll free to RCU grace period

A flaw was found in the Linux kernel's eventpoll component. In certain situations, the epfree function in eventpoll.c can prematurely free the eventpoll data structure while it is still being used by another concurrent thread. This use-after-free UAF vulnerability could allow a local attacker to...

7.8CVSS6.1AI score0.00129EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/07/08 3:22 p.m.7 views

kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result

A flaw was found in the Linux kernel's Wi-Fi mac80211 subsystem. The ieee80211invokefastrx function uses a static variable for rxresult, which is shared across concurrent calls. This can lead to incorrect processing of Wi-Fi packets, where a packet might be mishandled or its status incorrectly...

8.8CVSS5.9AI score0.00167EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.8 views

PT-2026-56302

Name of the Vulnerable Software and Affected Versions @better-auth/oauth-provider versions 1.6.0 through 1.6.10 better-auth versions 1.4.8-beta.7 through 1.6.10 Description The POST /oauth2/token endpoint for the authorization code grant redeems a single-use authorization code using a non-atomic...

8.1CVSS6.1AI score0.00496EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.17 views

PT-2026-55986

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when processing multiple IOCTL Input/Output Control calls that use the same buffer file descriptor input. This issue is caused by a...

7.8CVSS6.1AI score0.00064EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/01 9:48 a.m.21 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.5AI score0.00459EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/07/01 3:19 a.m.8 views

SUSE CVE-2026-53071

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2capecredreconfrsp l2capecredreconfrsp calls l2capchandel without holding l2capchanlock. Every other l2capchandel caller in the file acquires the lock first. A remote BLE device can sen...

7.1CVSS5.9AI score0.00266EPSS
Exploits0References13
NVD
NVD
added 2026/06/30 5:16 p.m.12 views

CVE-2026-10653

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

8.1CVSS0.00237EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 4:20 p.m.6 views

CVE-2026-10653

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

8.1CVSS6AI score0.00237EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/30 4:20 p.m.9 views

CVE-2026-10653 Non-atomic `net_buf` reference counts cause double-free / free-list corruption under concurrent unref

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

6.4CVSS6.2AI score0.00237EPSS
Exploits1References2
Fedora
Fedora
added 2026/06/27 12:56 a.m.8 views

[SECURITY] Fedora 43 Update: nginx-1.30.3-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

9.2CVSS7AI score0.03552EPSS
Exploits4
NVD
NVD
added 2026/06/26 8:17 p.m.11 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS0.00126EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.7 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS5.7AI score0.00126EPSS
Exploits0
EUVD
EUVD
added 2026/06/26 7:40 p.m.10 views

EUVD-2026-39838

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

5.8AI score0.00126EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 6:43 p.m.7 views

GO-2026-5228 Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence in github.com/juju/juju

Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence in github.com/juju/juju...

6.4CVSS5.8AI score0.00243EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.7 views

CVE-2026-52988

A flaw was found in the Linux kernel's netfilter component. This vulnerability involves a concurrency issue during updates to netfilter rulesets. When multiple updates occur simultaneously, improper synchronization could lead to unsafe data access during netlink dump list traversal. This could...

7.1CVSS5.7AI score0.00122EPSS
Exploits0References4
Rows per page
Query Builder