Lucene search
+L

7 matches found

osv
osv
added 2026/06/09 4:3 p.m.2 views

CVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function

Issue summary: A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS7 or S/MIME signed...

8.8CVSS7.3AI score0.02719EPSS
Exploits0References23
snyk
snyk
added 2026/06/04 2:25 p.m.10 views

Use of Weak Hash

Overview Affected versions of this package are vulnerable to Use of Weak Hash in the mlflow.data.digestutils function. An attacker can compromise data integrity or cause unexpected behavior by exploiting the use of a weak hash algorithm during dataset digest computation. PoC python import pandas ...

3.6CVSS5.4AI score0.00103EPSS
Exploits1References2
snyk
snyk
added 2026/06/04 2:25 p.m.8 views

Use of Weak Hash

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Use of Weak Hash in the mlflow.data.digestutils function. An...

3.6CVSS5.5AI score0.00103EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: It is necessary to check that sock is valid before assigning it to iscsisetparam. The validity of sock should be checked before assigning it to prevent incorrect values. The change introduced in commit 57569c37f0a...

5.5CVSS5.2AI score0.00151EPSS
Exploits0References2
susecve
susecve
added 2025/10/02 11:58 p.m.4 views

SUSE CVE-2023-53464

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling...

5.5CVSS6.5AI score0.00151EPSS
Exploits0References10
nvd
nvd
added 2025/10/01 12:15 p.m.6 views

CVE-2023-53464

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Check that sock is valid before iscsisetparam The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling...

5.5CVSS0.00151EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2025/10/01 12:0 a.m.5 views

PT-2025-40171

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s SCSI subsystem, specifically within the iscsi tcp component. The issue stems from a missing validation check for the sock variable before it is assign...

6AI score0.00151EPSS
Exploits0References7
Rows per page
Query Builder