Lucene search
+L

1403 matches found

Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.19 views

PT-2026-35500

A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization bypass. The attac...

5.5CVSS5.4AI score0.00235EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/25 8:46 a.m.6 views

CVE-2026-31678

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...

5.2AI score0.00096EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/04/25 8:46 a.m.2 views

CVE-2026-31678 openvswitch: defer tunnel netdev_put to RCU release

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...

7.8CVSS5.9AI score0.00096EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.9 views

SUSE CVE-2026-31642

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.8 views

PT-2026-35138

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Open vSwitch component of the Linux kernel. The ovs netdev tunnel destroy function may execute after the NETDEV UNREGISTER process has already detached the...

7.8CVSS5.5AI score0.00096EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: lan966x: fix page pool leak in error paths lan966xfdmarxalloc creates a page pool but does not destroy it if the subsequent fdmaalloccoherent call fails,...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31645

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966xfdmarxalloc creates a page pool but does not destroy it if the subsequent fdmaalloccoherent call fails, leaking the pool. Similarly, lan966xfdmainit frees the coherent DMA...

5.5CVSS5.2AI score0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31639

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

5.5CVSS0.00122EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:44 p.m.4 views

CVE-2026-31645

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966xfdmarxalloc creates a page pool but does not destroy it if the subsequent fdmaalloccoherent call fails, leaking the pool. Similarly, lan966xfdmainit frees the coherent DMA...

5.3AI score0.00122EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/24 2:44 p.m.6 views

EUVD-2026-25538

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966xfdmarxalloc creates a page pool but does not destroy it if the subsequent fdmaalloccoherent call fails, leaking the pool. Similarly, lan966xfdmainit frees the coherent DMA...

5.3AI score0.00122EPSS
Exploits0References4
CVE
CVE
added 2026/04/24 2:44 p.m.17 views

CVE-2026-31645

CVE-2026-31645 pertains to the Linux kernel lan966x network driver. The issue is a memory/resource leak: in error paths of lan966x_fdma_rx_alloc() a created page pool is not destroyed if a subsequent fdma_alloc_coherent() fails, and in lan966x_fdma_init() the page pool created by lan966x_fdma_rx_...

5.5CVSS5.3AI score0.00122EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:44 p.m.34 views

CVE-2026-31645 net: lan966x: fix page pool leak in error paths

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool leak in error paths lan966xfdmarxalloc creates a page pool but does not destroy it if the subsequent fdmaalloccoherent call fails, leaking the pool. Similarly, lan966xfdmainit frees the coherent DMA...

0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/24 2:44 p.m.5 views

EUVD-2026-25535

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

5.4AI score0.00123EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/24 2:44 p.m.33 views

CVE-2026-31642 rxrpc: Fix call removal to use RCU safe deletion

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/24 2:44 p.m.5 views

EUVD-2026-25532

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

5.4AI score0.00122EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/24 2:44 p.m.33 views

CVE-2026-31639 rxrpc: Fix key reference count leak from call->key

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

0.00122EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:44 p.m.3 views

CVE-2026-31639

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

5.3AI score0.00122EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/04/24 2:44 p.m.15 views

CVE-2026-31639

In the Linux kernel, CVE-2026-31639 affects the rxrpc subsystem. A client call acquires a reference to a key during rxrpc_alloc_client_call(), but this reference is not released when the call is destroyed, causing a key reference-count leak. The documented fix frees call->key in rxrpc_destroy_...

5.5CVSS5.4AI score0.00122EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/24 2:44 p.m.1 views

CVE-2026-31639 rxrpc: Fix key reference count leak from call->key

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-34991

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpc alloc client call, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

5.4AI score0.00122EPSS
Exploits0References6
Rows per page
Query Builder