Lucene search
K

34380 matches found

CVE
CVE
added yesterday13 views

CVE-2026-13368

WatchGuard Fireware OS contains a race condition that leads to a use-after-free in LDAP authentication for Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this to execute arbitrary code in the iked process on Fireboxes configured to use an external LDAP authentication ...

9.2CVSS6.2AI score
Exploits0References1
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-53358

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol implementation. This vulnerability arises from an incorrect order of acquiring locks during channel cleanup, which could lead to a race condition. This issue could potentially cause instability or...

5.5CVSS5.8AI score
Exploits0References4
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-53357

A flaw was found in the Linux kernel's Bluetooth component. A Use-After-Free UAF vulnerability exists in the l2capsockcleanuplisten and l2capconndel functions. This flaw occurs due to a race condition during the cleanup of a listening socket and a concurrent Bluetooth HCI disconnect. An...

7CVSS5.8AI score
Exploits0References4
NVD
NVD
added yesterday6 views

CVE-2026-55950

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS
Exploits0References5
Debian CVE
Debian CVE
added yesterday3 views

CVE-2026-55950

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS5.8AI score
Exploits0
Cvelist
Cvelist
added yesterday17 views

CVE-2026-55950 DTLS listener crash via race condition in dtls_packet_demux causes denial of service for all sessions

Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtlspacketdemux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtlspacketdemux genserver process to route incoming UDP...

8.7CVSS
Exploits0References5
OSV
OSV
added yesterday4 views

EEF-CVE-2026-55950 DTLS listener crash via race condition in dtls_packet_demux causes denial of service for all sessions

Summary Time-of-check Time-of-use TOCTOU race condition vulnerability in Erlang/OTP ssl dtls\packet\demux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtls\packet\demux gen\server process to route...

8.7CVSS5.8AI score
Exploits0References4
Nuclei
Nuclei
added yesterday43 views

Webmin < 1.920 - Authenticated Remote Code Execution

rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialisevariable makes an eval call. NOTE: the WebminServersIndex documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must...

8.8CVSS7.4AI score0.38038EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday29 views

Academy LMS 6.0 - Cross-Site Scripting

Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting XSS vulnerability through query parameter. id: CVE-2023-38964 info: name: Academy LMS 6.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Creative Item Academy LMS 6.0 was discovered to...

6.1CVSS6.2AI score0.01056EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday46 views

Jenkins build-metrics 1.3 - Cross-Site Scripting

Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides. id: CVE-2019-10475 info: name: Jenkins build-metrics 1.3 - Cross-Site Scripting author: madrobot severity...

6.1CVSS6.4AI score0.57735EPSS
Exploits5References5
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-53348

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-53352

A flaw was found in the Linux kernel. A race condition exists in the zapotherthreads function where job control flags are not properly cleared for the calling thread. This can occur when a multi-threaded process receives a stop signal, and one of its threads concurrently calls execve. The...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2 days ago4 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.5AI score0.0028EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-53332

A flaw was found in the Linux kernel's Qualcomm NGD Next Generation Display controller qcom-ngd-ctrl component. This vulnerability arises from a race condition where callbacks are registered before the NGD device is fully initialized. This can lead to the callbacks operating on uninitialized data...

5.8AI score0.00168EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-53341

A flaw was found in the Linux kernel. This vulnerability, a Use-After-Free UAF, occurs in the fhandle component when the maydecodefh function accesses mount namespace information without proper locking. This creates a race condition that could be exploited by an attacker. The most severe...

7CVSS5.7AI score0.00154EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-20215

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

7.5CVSS6AI score0.00389EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2 days ago8 views

CVE-2026-20215

CVE-2026-20215 affects ClamAV’s 7z file format parser. The issue stems from improper boundary checks on 7z content during scanning, causing an out-of-bounds memory write that can crash the ClamAV scanning process. This allows an unauthenticated, remote attacker to trigger a DoS (and possibly expa...

7.5CVSS6AI score0.00389EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-20216

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2 days ago5 views

CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering...

8.5CVSS0.00489EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering...

8.5CVSS5.8AI score0.00489EPSS
Exploits0References4
Rows per page
Query Builder