Lucene search
K

40 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixing the deletion race condition A system crash occurs when using the debug kernel due to corruption of the link list. The cause of the link list corruption is that session deletion was allowed to occur twice...

4.7CVSS6.3AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fixed a use-after-free race condition for maps It is possible that before fastrpcfreemap is called, another thread may call fastrpcmaplookup and obtain a reference to a map that is about to be deleted. The function...

7CVSS6.1AI score0.00242EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007044)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007044 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list...

4.7CVSS6.3AI score0.001EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006750)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006750 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list...

4.7CVSS6.3AI score0.001EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 12:47 p.m.5 views

CVE-2026-23393

A flaw was found in the Linux kernel's bridge Connectivity Fault Management CFM component. A race condition can occur during the deletion of a peer Maintenance Entity Group End Point MEP. This allows the brcfmframerx function to re-schedule a delayed work on a MEP object after it has been marked...

5.9AI score0.001EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/03/25 10:33 a.m.4 views

CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7.8CVSS5.2AI score0.001EPSS
Exploits0
CVE
CVE
added 2026/02/25 8:30 p.m.27 views

CVE-2026-25954

CVE-2026-25954 affects FreeRDP. The vulnerability arises in the RAIL path where xf_rail_get_window returns a pointer from the railWindows hash table that is freed by the main thread while the RAIL channel thread is still using it, allowing dereferencing of a freed xfAppWindow pointer. This race c...

7.5CVSS5.4AI score0.00486EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2026/02/25 8:27 p.m.23 views

CVE-2026-25953 FreeRDP has heap-use-after-free in xf_AppUpdateWindowFromSurface (freed appWindow)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...

6.9CVSS0.00587EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2026/02/25 8:24 p.m.10 views

CVE-2026-25952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...

9.8CVSS5.5AI score0.00599EPSS
Exploits1References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/26 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004957 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel If an exiting...

7.4CVSS6.6AI score0.01345EPSS
Exploits8References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.11 views

PT-2026-22009

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. Versions before 3.23.0 contain a flaw where the xf SetWindowMinMaxInfo function improperly dereferences a freed xfAppWindow pointer...

10CVSS5.3AI score0.00756EPSS
Exploits18References140
RedhatCVE
RedhatCVE
added 2025/11/26 4:56 p.m.5 views

CVE-2025-12472

An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...

7.1CVSS7.1AI score0.00226EPSS
Exploits0References1
NVD
NVD
added 2025/11/19 11:15 a.m.6 views

CVE-2025-12472

An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...

7.1CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/19 10:27 a.m.8 views

CVE-2025-12472 Remote Code Execution in Looker due to Improperly Validated Directory Deletion

An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...

7.1CVSS0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.3 views

Google Cloud Looker 安全漏洞

Google Cloud Looker is an online tool from Google USA for transforming data into customizable and informative reports and dashboards. A security vulnerability exists in Google Cloud Looker that stems from the Looker Developer role that can manipulate LookML projects to take advantage of competing...

7.1CVSS7.1AI score0.00226EPSS
Exploits0References2
OSV
OSV
added 2025/10/31 2:12 p.m.8 views

OESA-2025-2554 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than...

7.8CVSS6.5AI score0.0025EPSS
Exploits0References31
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-53615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to...

4.7CVSS6.6AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/05 2:55 a.m.5 views

SUSE CVE-2023-53615

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trac...

5.5CVSS6.5AI score0.001EPSS
Exploits0References20
NVD
NVD
added 2025/10/04 4:15 p.m.7 views

CVE-2023-53615

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trac...

4.7CVSS0.001EPSS
Exploits0References6
OSV
OSV
added 2025/10/04 4:15 p.m.4 views

UBUNTU-CVE-2023-53615

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trac...

4.7CVSS6AI score0.001EPSS
Exploits0References9
Rows per page
Query Builder