Lucene search
K

2027 matches found

RedHat Linux
RedHat Linux
added 3 days ago6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References7
CVE
CVE
added last week33 views

CVE-2026-23556

CVE-2026-23556 affects Xen oxenstored: when tearing down a domain, node data is cleaned but quota usage counts are leaked. On domain ID reuse, a new domain can create fewer nodes before being over quota. Impact is locally exploitable high-severity (CVSS 4.0 base 9.4, HIGH confidentiality, integri...

9.4CVSS5.9AI score0.00137EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/08 4:16 p.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
NVD
NVD
added 2026/07/08 9:16 a.m.9 views

CVE-2026-57245

When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an...

7.8CVSS0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/08 7:36 a.m.6 views

CVE-2026-57245

When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software2
RedHat Linux
RedHat Linux
added 2026/07/07 6:51 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

7.8CVSS6.9AI score0.00142EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.11 views

PT-2026-56085

Name of the Vulnerable Software and Affected Versions Langroid versions prior to 0.65.5 Description Neo4jChatAgent passes LLM-generated Cypher queries directly to the Neo4j driver without validation, a statement-type allowlist, or an opt-out gate. Because the query text can be influenced by promp...

9.2CVSS6AI score0.00461EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53349

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconntrack: destroy stale expectfn expectations on unregister NAT helpers such as nfnath323 store a raw pointer to module text in exp-expectfn e.g...

6AI score0.00161EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 8:12 p.m.4 views

CVE-2026-54786 Wasmtime: Leak in WASIp1 `fd_renumber` implementation

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

2.3CVSS5.8AI score0.00217EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40986

In the Linux kernel, the following vulnerability has been resolved: signal: clear JOBCTLPENDINGMASK for caller in zapotherthreads When a multi-threaded process receives a stop signal e.g., SIGSTOP, dosignalstop sets JOBCTLSTOPPENDING and JOBCTLSTOPCONSUME on all threads and sets...

5.8AI score0.00164EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/06/28 1:9 a.m.8 views

SUSE CVE-2026-53279

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.8AI score0.00122EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.7 views

DEBIAN-CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53279

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.5CVSS0.00122EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:40 p.m.7 views

EUVD-2026-39884

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.8AI score0.00122EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/26 7:40 p.m.7 views

CVE-2026-53279

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
CVE
CVE
added 2026/06/26 7:40 p.m.17 views

CVE-2026-53278

CVE-2026-53278 affects the Linux kernel arm_mpam component. The vulnerability arises when __destroy_component_cfg() is invoked from mpam_disable() before the configuration array has been allocated, causing a NULL pointer dereference. The function frees the configuration array and mbwu_state; sinc...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 6:14 p.m.11 views

CVE-2026-53089

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter subsystem. When querying information for an offloaded BPF map or program, a race condition can occur during network namespace destruction. This can lead to a use-after-free vulnerability, potentially causing a system crash or denia...

7CVSS5.8AI score0.00145EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/26 6:1 p.m.6 views

CVE-2026-47205

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free UAF vulnerability leading to a sudden segmentation fault exists in Envoy's extauthz HTTP filter when processing per-route authorization overrides...

5.9CVSS5.8AI score0.00387EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/26 2:14 a.m.8 views

SUSE CVE-2026-52955

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crushdecode A message of type CEPHMSGOSDMAP containing a crush map with at least one bucket has two fields holding the bucket algorithm. If the values in these two fields differ, an...

7.5CVSS5.8AI score0.00385EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53197

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.5CVSS5.7AI score0.00097EPSS
Exploits0
Rows per page
Query Builder