Lucene search
K

87 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:17 a.m.7 views

drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs

...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.14 views

PT-2026-52963

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mana network driver regarding the naming of debugfs directories. The driver previously used a hardcoded "0" for Physical Functions PFs and the pci slot name functi...

5.5CVSS6AI score0.00115EPSS
Exploits0References16
Cvelist
Cvelist
added 2026/06/10 12:37 p.m.37 views

CVE-2026-49497 Ghidra < 12.1 - Path Traversal via .gnu_debuglink in DWARF External Debug File Resolution

Ghidra before 12.1 contains a path traversal vulnerability in SameDirDebugInfoProvider that fails to validate filenames from ELF binary .gnudebuglink sections before constructing file paths. Attackers can craft malicious ELF binaries with traversal sequences to probe filesystem existence and leak...

4.6CVSS0.00185EPSS
Exploits1References2
CVE
CVE
added 2026/06/10 12:37 p.m.45 views

CVE-2026-49497

CVE-2026-49497 concerns Ghidra before 12.1, which contains a path traversal flaw in the SameDirDebugInfoProvider. The bug arises because filenames from ELF binary .gnu_debuglink sections are not validated before file paths are built, enabling a local attacker to craft malicious ELF binaries with ...

4.6CVSS5.6AI score0.00185EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/05 9:44 p.m.7 views

GHSA-5389-F7VH-WXJ8 Bugsink: Project scoping missing in sourcemap and debug-file lookup

Summary Bugsink before 2.2.0 resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use sourcemap/debug-file metadata uploaded for...

4.3CVSS5.1AI score0.00178EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/05 9:44 p.m.14 views

Bugsink: Project scoping missing in sourcemap and debug-file lookup

Summary Bugsink before 2.2.0 resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use sourcemap/debug-file metadata uploaded for...

4.3CVSS5.1AI score0.00178EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/02 1:44 a.m.11 views

SUSE CVE-2026-10267

A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may be used for attack...

4.8CVSS5.4AI score0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/01 2:45 p.m.32 views

CVE-2026-10267 janet-lang janet debug.c doframe out-of-bounds

A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may be used for attack...

4.8CVSS0.00121EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/06/01 2:45 p.m.12 views

CVE-2026-10267 janet-lang janet debug.c doframe out-of-bounds

A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attacking locally is a requirement. The exploit has been released to the public and may be used for attack...

4.8CVSS5.4AI score0.00121EPSS
Exploits0References9
CVE
CVE
added 2026/06/01 2:45 p.m.24 views

CVE-2026-10267

The CVE concerns janet-lang Janet up to 1.41.0. The vulnerability is in the function doframe within src/core/debug.c, where a manipulation leads to an out-of-bounds read. Exploitation requires local access, and a public exploit has been released. A patch is identified by the commit/patch name ed1...

4.8CVSS5.4AI score0.00121EPSS
Exploits0References9
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:6 a.m.9 views

mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()

...

7.1CVSS5.4AI score0.00131EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/26 4:16 p.m.9 views

CVE-2026-47728 Bugsink: Project scoping missing in sourcemap and debug-file lookup

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/26 4:16 p.m.8 views

CVE-2026-47728

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/26 4:16 p.m.23 views

CVE-2026-47728

Bugsink (self-hosted error tracking) prior to 2.2.0 stores and looks up sourcemaps and debug files by debug ID without scoping to the owning project. An authenticated user with access to one project could cause event processing in that project to use sourcemap/debug-file metadata uploaded for ano...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References2
OSV
OSV
added 2026/05/26 4:16 p.m.3 views

CVE-2026-47728 Bugsink: Project scoping missing in sourcemap and debug-file lookup

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use...

4.3CVSS6AI score0.00178EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/26 4:16 p.m.39 views

CVE-2026-47728 Bugsink: Project scoping missing in sourcemap and debug-file lookup

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use...

4.3CVSS0.00178EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/24 5:16 p.m.8 views

CVE-2026-31551

A flaw was found in the mac80211 Wi-Fi subsystem of the Linux kernel. A local user could exploit a race condition in the aqlenablewrite function, which does not properly handle concurrent write operations to the debug file system. This could lead to a staticbranchdec underflow, resulting in a...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013432)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013432 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamondlock DAMON debugfs interface iterates...

7CVSS5.7AI score0.00214EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/30 12:34 p.m.24 views

CVE-2023-54320 platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...

0.00159EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.8 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a debug file system entry leak at the block level...

5.8AI score0.00168EPSS
Exploits0References5
Rows per page
Query Builder