Lucene search
K

563 matches found

NVD
NVD
added 2026/06/01 4:16 a.m.18 views

CVE-2026-48191

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS0.00143EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 3:32 a.m.14 views

EUVD-2026-33549

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS5.8AI score0.00143EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 12:0 a.m.12 views

CVE-2026-37222

FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...

5.9AI score0.00428EPSS
Exploits0References2
CVE
CVE
added 2026/06/01 12:0 a.m.20 views

CVE-2026-37222

FlexRIC v2.0.0 contains a vulnerability where the stack asserts exact Information Element (IE) counts in decoded E2AP messages instead of validating against protocol ranges. An unauthenticated remote attacker can send a valid E2AP PDU (for example, an E2setupRequest with extra optional fields) th...

7.5CVSS5.9AI score0.00428EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45452

FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...

7.5CVSS5.9AI score0.00428EPSS
Exploits0References3
CVE
CVE
added 2026/05/29 7:58 p.m.29 views

CVE-2026-46385

Summary (CVE-2026-46385) iskorotkov/avro’s Go Avro decoder can trigger remote, unauthenticated CPU exhaustion by looping up to math.MaxInt64 iterations when decoding large attacker-controlled block counts, because inner loops did not check the reader’s error state after each decode. Affected: git...

8.7CVSS5.8AI score0.00378EPSS
Exploits0References5
OSV
OSV
added 2026/05/29 7:55 p.m.7 views

GHSA-QJVR-435C-5FJH Nerdbank.MessagePack has a memory amplification DoS in collection deserialization

Nerdbank.MessagePack deserializers for many collection-shaped types trusted the element count declared in MessagePack array and map headers when allocating destination storage. A crafted payload could therefore force large arrays, pooled buffers, dictionaries, or collection instances to be...

5.3CVSS5.7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/29 7:55 p.m.39 views

Nerdbank.MessagePack has a memory amplification DoS in collection deserialization

Nerdbank.MessagePack deserializers for many collection-shaped types trusted the element count declared in MessagePack array and map headers when allocating destination storage. A crafted payload could therefore force large arrays, pooled buffers, dictionaries, or collection instances to be...

5.7AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an undercounting of reference counts in the metadata of the rebalancechildren function within...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of consistent reduction of socket reference counts during the retransmission of ADDADDR ...

5.8AI score0.00127EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from changes in the mmapprepare function of the afs file system. This change leads to a leak of...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/22 11:49 p.m.10 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the core sequence parsing process. An attacker can cause a crash or denial of service by providing a specially crafted HEIF file that manipulates the stco.entrycount, saio.entrycount, and saiz.samplecount values to...

7.1CVSS5.8AI score0.00253EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/21 10:10 p.m.11 views

Important: Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage

A Subscription Management tool for finding and reporting Red Hat product usage Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their...

9.8CVSS5.8AI score0.0068EPSS
Exploits1References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: common: Fixed a reference count leak in parsedailinkinfo. Added calls to ofnodeput before the returns from ofnodeget and ofnodeput, which can prevent imbalance if the “foreachavailablechildofnode” loop terminat...

5.7AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: md: Fix for softlockup when the bitmap size is less than the array size. It is reported that for dm-raid10, the command lvextend followed by --syncaction will trigger a softlockup. The error message is as follows: kernel:watchdog...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fixed a crash that occurred when setting the number of CPU cores to an odd number. When the number of CPU cores is adjusted to 7 or other odd numbers, the size of the zones becomes an odd number. The addresses of thes...

5.5CVSS5.8AI score0.00243EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use the number of bits to manage bitmap sizes. To allocate bitmaps, the mpi3mr driver calculates the sizes of bitmaps using bytes as the unit. However, bitmap helper functions assume that bitmaps are allocated using...

7.1CVSS6.5AI score0.00147EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.17 views

PT-2026-42065

Name of the Vulnerable Software and Affected Versions Bottom Bar versions prior to 0.1.8 Description The Bottom Bar plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF, a flaw where an attacker tricks a victim into performing actions they did not intend to do. The issue exists ...

4.3CVSS5.9AI score0.00187EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the DNSSEC verifier failing to account for NSEC3 hash calculation restrictions when querying D...

6.9CVSS5.8AI score0.00339EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021619 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracingcpumaskwrite If a large count is provided, it will trigger ...

5.5CVSS6.7AI score0.00203EPSS
Exploits0References3
Rows per page
Query Builder