Lucene search
K

1791 matches found

Tenable Nessus
Tenable Nessus
added 2 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-45740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding...

7.5CVSS6AI score0.00263EPSS
Exploits0References2
NVD
NVD
added last week7 views

CVE-2026-54786

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

5CVSS0.00217EPSS
Exploits0References1
Cvelist
Cvelist
added last week35 views

CVE-2026-54786 Wasmtime: Leak in WASIp1 `fd_renumber` implementation

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

2.3CVSS0.00217EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week4 views

CVE-2026-54786

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

2.3CVSS5.7AI score0.00217EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.4 views

PT-2026-54848

Name of the Vulnerable Software and Affected Versions Wasmtime versions prior to 24.0.10 Wasmtime versions 25.0.0 through 36.0.10 Wasmtime versions 37.0.0 through 44.0.2 Wasmtime versions 45.0.0 through 45.1 Description A resource leak exists in the native implementation of WASIp1 within the fd...

5CVSS5.8AI score0.00217EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not adde...

7.5CVSS6AI score0.00376EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/26 2:14 a.m.6 views

SUSE CVE-2026-52964

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...

5.8AI score0.00175EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:3 a.m.7 views

CVE-2026-53087

A flaw was found in the Linux kernel's bcmgenet network driver. When the transmit tx queue is reclaimed, the driver incorrectly drops data frames without returning them to the pool of free buffer descriptors bds. This oversight results in a resource leak, which can lead to resource exhaustion and...

7.5CVSS6AI score0.00376EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 12:23 p.m.30 views

CVE-2026-40209 Denial of service via IXFR queries

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS0.00404EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd,...

7.8CVSS6AI score0.00129EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:15 p.m.5 views

CVE-2026-52814

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...

6.9CVSS5.9AI score0.00547EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38832

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...

5.7AI score0.00175EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53005

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...

7.8CVSS0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.27 views

CVE-2026-53005 af_unix: Drop all SCM attributes for SOCKMAP.

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.10 views

CVE-2026-53005

CVE-2026-53005 affects the Linux kernel af_unix SOCKMAP feature. The issue arises from improper handling of SCM attributes when data is passed to SOCKMAP, enabling a use-after-free and inflight-file-descriptor leaks due to inability of GC paths to inspect psock queues after skb redirection. Multi...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 7:14 a.m.12 views

CVE-2026-52915

CVE-2026-52915 concerns the Linux kernel netfilter ip6t_hbh module, where ip6t_opts may store at most IP6T_OPTS_OPTSNR (16) option descriptors but hbh_mt6_check() did not reject larger optsnr values from userspace. This allowed a potential out-of-bounds condition (UBSAN: array-index-out-of-bounds...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51981

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bcmgenet network driver where free bds buffer descriptors are leaked. During the reclamation of the tx queue, the write pointer is fast-forwarded to drop data in...

7.5CVSS5.9AI score0.00376EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51899

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc7 Description An issue exists in the af unix component where SOCKMAP can hide inflight file descriptors from the AF UNIX Garbage Collector GC. When a socket in SOCKMAP receives a socket buffer skb with an...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/06/22 6:16 p.m.15 views

CVE-2026-54271

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.3.2 and 2.5.0, a previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static outp...

8.2CVSS0.00228EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:16 p.m.5 views

CVE-2026-54271

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.3.2 and 2.5.0, a previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static outp...

8.2CVSS5.9AI score0.00228EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder