Lucene search
K

33 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 4:29 p.m.5 views

CVE-2026-52988

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

5.7AI score0.00122EPSS
Exploits0References3Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi/ accepts previously used values. Writing a value to /smack/doi that has ever been written there in the past disables networking for non-ambient labels. For example: bash cat /smack/doi 3 netlabelctl -p cipso lis...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51882

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nf tables component where the process of joining the hook list during the commit phase was not handled safely. This could lead to unsafe netlink dump lis...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/18 7:1 p.m.18 views

CVE-2026-48982 pam_usb: Missing O_EXCL on pad temp file creation allows concurrent update race

pamusb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, when updating a one-time pad file, a temporary file is created using open without the OEXCL flag. Without OEXCL, the create operation is not atomic: two concurrent processes racing to...

5.8CVSS0.00088EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 7:1 p.m.19 views

CVE-2026-48982

CVE-2026-48982 affects pam_usb prior to version 0.9.2, where updating a one-time pad file creates a temporary file with open() lacking O_EXCL, enabling a race between concurrent processes to update the same pad. This non-atomicity can cause the stored pad to diverge from expectations, potentially...

5.8CVSS5.3AI score0.00088EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/27 5:17 p.m.10 views

CVE-2026-46086

A flaw was found in the Linux kernel. Inconsistent handling of local Forwarding Database FDB entries in the bridge networking component's RCU Read-Copy-Update readers can lead to a null-pointer dereference. A local attacker could exploit this by triggering a concurrent update to an FDB entry,...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bridge FDB entries not using stable dst snapshots during RCU reading operations. This vulnerabili...

5.8AI score0.00123EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/13 5:19 p.m.11 views

CVE-2026-43484

A flaw was found in the Linux kernel's MultiMediaCard MMC core. Concurrent updates to bitfield flags, specifically 'claimed' and 'retunenow', can lead to unintended overwrites of other bits in asynchronous contexts. This can trigger spurious warnings and result in system instability or unexpected...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from concurrent updates to interface functions in the queryinterfaces function, potentially leading to...

8.8CVSS5.8AI score0.00354EPSS
Exploits0References1
CVE
CVE
added 2026/04/13 1:40 p.m.73 views

CVE-2026-31419

Summary of CVE-2026-31419 : A use-after-free in the Linux kernel bonding driver is caused by a race in bond_xmit_broadcast() where the last slave determination can change during RCUs, leading to double-free of the original skb and a potential crash. The fix replaces the racy bond_is_last_slave() ...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References26Affected Software1
Snyk
Snyk
added 2026/03/30 4:34 p.m.2 views

Race Condition

Overview github.com/0xJacky/Nginx-UI/settings is a yet another Nginx Web UI Affected versions of this package are vulnerable to Race Condition through the settings update pipeline in api/settings/settings.go and settings/settings.go. An attacker can corrupt app.ini and disrupt service availabilit...

7.5CVSS5.9AI score0.00534EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.6 views

PT-2026-28348

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0 Description EVerest is an EV charging software stack susceptible to a data race condition. This condition leads to concurrent access of std::map, potentially causing container or optional corruption. The iss...

4.6CVSS5.9AI score0.00105EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/19 10:6 p.m.25 views

CVE-2026-32018 OpenClaw < 2026.2.19 - Race Condition in Sandbox Registry Write Operations

OpenClaw versions prior to 2026.2.19 contain a race condition vulnerability in concurrent updateRegistry and removeRegistryEntry operations for sandbox containers and browsers. Attackers can exploit unsynchronized read-modify-write operations without locking to cause registry updates to lose data...

3.6CVSS0.00134EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.9 views

OpenClaw 竞争条件问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.19 contained a race condition vulnerability. This vulnerability stemmed from concurrent update operations involving sandbox containers and browsers, which could lead to registry...

4.8CVSS5.8AI score0.00134EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/03 11:32 p.m.9 views

OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption

Impact Concurrent updateRegistry/removeRegistryEntry operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions. The registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry...

4.8CVSS5.9AI score0.00134EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.9 views

PT-2026-26399

Impact Concurrent updateRegistry/removeRegistryEntry operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions. The registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry...

6.9CVSS5.8AI score0.00134EPSS
Exploits0References8
NVD
NVD
added 2026/02/21 12:16 a.m.6 views

CVE-2026-27189

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below, use non-atomic and insufficiently synchronized local JSON persistence flows, potentially causing concurrent operations to lose updates or corrupt local state...

6.6CVSS0.00112EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/21 12:1 a.m.5 views

CVE-2026-27189 OpenSift: Race-prone local persistence could cause state corruption/loss

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below, use non-atomic and insufficiently synchronized local JSON persistence flows, potentially causing concurrent operations to lose updates or corrupt local state...

6.6CVSS5.3AI score0.00112EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/21 12:0 a.m.10 views

OpenSift 安全漏洞

OpenSift is an open-source artificial intelligence learning assistant developed by OpenSift. Versions of OpenSift 1.1.2-alpha and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of non-atomic and insufficiently synchronized local JSON persistence processes,...

6.6CVSS5.8AI score0.00112EPSS
Exploits0References2
NVD
NVD
added 2026/02/18 4:22 p.m.5 views

CVE-2026-23230

In the Linux kernel, the following vulnerability has been resolved: smb: client: split cachedfid bitfields to avoid shared-byte RMW races isopen, haslease and onlist are stored in the same bitfield byte in struct cachedfid but are updated in different code paths that may run concurrently. Bitfiel...

8.8CVSS0.00218EPSS
Exploits0References7
Rows per page
Query Builder