Lucene search
K

6056 matches found

CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the potential for reusing memory after the creation of the createbigsync function in the Bluetooth HCI...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.16 views

PT-2026-44367

Name of the Vulnerable Software and Affected Versions Apache Artemis versions 2.50.0 through 2.53.0 Apache ActiveMQ Artemis versions 2.0.0 through 2.44.0 Description An issue exists where an application using the STOMP Simple Text Oriented Messaging Protocol protocol can augment the routing-type ...

4.3CVSS5.8AI score0.00372EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/05/27 8:25 p.m.14 views

CVE-2026-46023

A flaw was found in the Linux kernel's device mapper dm mirror component. A local user could exploit an integer overflow vulnerability in the createdirtylog function by providing a specially crafted device mapper table string. This could lead to out-of-bounds reads, potentially causing system...

7CVSS5.8AI score0.0013EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:14 p.m.11 views

CVE-2026-9472

A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function downloadmarkdown/listdownloadedfiles/createsubdirectory of the file src/index.ts. Executing a manipulation can lead to path traversal. The attack can be launched remotely. T...

6.5CVSS6.3AI score0.00337EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:9 p.m.10 views

CVE-2026-45716

Budibase is an open-source low-code platform. Prior to 3.38.1, the POST /api/global/users/onboard endpoint is protected by workspaceBuilderOrAdmin middleware, allowing any user with builder permissions to access it. When SMTP email is not configured the default for self-hosted Budibase instances,...

8.8CVSS6AI score0.00261EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/05/27 3:33 p.m.9 views

EUVD-2026-32353

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

5.8AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-46023

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

5.5CVSS0.0013EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.4 views

UBUNTU-CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:17 p.m.5 views

UBUNTU-CVE-2026-46023

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References6
NVD
NVD
added 2026/05/27 2:16 p.m.11 views

CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

5.5CVSS0.00137EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 2:16 p.m.5 views

UBUNTU-CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

5.5CVSS5.7AI score0.00137EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.7 views

CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

5.7AI score0.00123EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.12 views

EUVD-2026-32404

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

5.8AI score0.0013EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.43 views

CVE-2026-46023 dm mirror: fix integer overflow in create_dirty_log()

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

0.0013EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/27 12:56 p.m.10 views

CVE-2026-46023

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

5.5CVSS5.8AI score0.0013EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.43 views

CVE-2026-45969 HID: playstation: Add missing check for input_ff_create_memless

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Add missing check for inputffcreatememless The psgamepadcreate function calls inputffcreatememless without verifying its return value, which can lead to incorrect behavior or potential crashes when FF effects ar...

0.00123EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.45 views

CVE-2026-45960 hfsplus: return error when node already exists in hfs_bnode_create

In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...

0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/27 12:18 p.m.22 views

CVE-2026-45960

CVE-2026-45960 concerns the Linux kernel hfsplus filesystem. The root cause is in hfs_bnode_create(): when a node is already hashed, it returns the existing node without incrementing its reference count, causing refcnt inconsistency and a kernel panic during hfs_bnode_put(). The vulnerability is ...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.39 views

CVE-2025-71308 accel/amdxdna: Fix potential NULL pointer dereference in context cleanup

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

0.00137EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 7:57 a.m.8 views

CVE-2026-40840 Authenticated SQLi in VerifyCreateLicences function

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
Rows per page
Query Builder