1677 matches found

CVE
added 2 days ago, 9 views

CVE-2026-53357

CVE-2026-53357 triggers a use-after-free in the Linux kernel Bluetooth stack (l2cap) when closing a listening socket: bt_accept_dequeue() temporarily holds the child, then cleanup_listen() may operate on a sk that has already been freed by l2cap_conn_del() during an HCI disconnect. The race occur...

5.8 AI score, 0.00165 EPSS
Exploits: 0, References: 8

EUVD
added 2 days ago, 4 views

EUVD-2026-41372

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix UAF in l2cap_sock_cleanup_listen vs l2cap_conn_del. bt_accept_dequeue unlinks a not-yet-accepted child from the parent accept queue and release_sock()s it before returning, so the returned sk has no caller reference and is...

7.8 CVSS, 5.8 AI score, 0.00165 EPSS
Exploits: 0, References: 8

NVD
added 2 days ago, 4 views

CVE-2026-57269

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3 CVSS, 0.0024 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2 days ago, 7 views

PT-2026-55234

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue exists in the Bluetooth L2CAP socket cleanup process. The problem occurs during a race condition between l2cap_sock_cleanup_listen and l2cap_conn_del. Specifically...

6 AI score, 0.00165 EPSS
Exploits: 0, References: 11

CVE
added 4 days ago, 11 views

CVE-2026-10654

The CVE-2026-10654 issue is a race in Zephyr’s Bluetooth Classic RFCOMM host stack (subsys/bluetooth/host/classic/rfcomm.c): when one side initiates a session teardown and the peer simultaneously sends a DISC for DLCI 0, rfcomm_handle_disc() forces the session to DISCONNECTED without calling bt_l...

3.1 CVSS, 5.8 AI score, 0.00124 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2026/06/26 2:25 p.m., 11 views

CVE-2026-53025

A flaw was found in the Linux kernel's Greybus raw subsystem. A local user application could trigger a use-after-free vulnerability by disconnecting a Greybus raw bundle while its associated character device was still open. When the application subsequently attempts to release the character devic...

7.8 CVSS, 5.8 AI score, 0.00129 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2026/06/26 12:00 a.m., 10 views

PT-2026-53019

Name of the Vulnerable Software and Affected Versions: python-socketio versions prior to 5.16.2. Description: The server stores binary EVENT and ACK messages in memory while awaiting their binary attachments. An attacker can trigger a memory exhaustion issue by submitting a binary message and...

7.5 CVSS, 5.8 AI score
Exploits: 0, References: 5

Tenable Nessus
added 2026/06/25 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-53024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with th...

7.8 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits: 0, References: 3

EUVD
added 2026/06/24 6:32 p.m., 4 views

EUVD-2026-38892

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect. If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIG_INIT_ON_FREE_DEFAULT_ON=y: BUG: kernel NULL...

5.7 AI score, 0.00129 EPSS
Exploits: 0, References: 3

NVD
added 2026/06/24 5:17 p.m., 6 views

CVE-2026-53024

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect. If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIG_INIT_ON_FREE_DEFAULT_ON=y: BUG: kernel NULL...

7.8 CVSS, 0.00129 EPSS
Exploits: 0, References: 2

Cvelist
added 2026/06/24 4:29 p.m., 27 views

CVE-2026-53024 greybus: raw: fix use-after-free if write is called after disconnect

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect. If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIG_INIT_ON_FREE_DEFAULT_ON=y: BUG: kernel NULL...

7.8 CVSS, 0.00129 EPSS
Exploits: 0, References: 2

CVE
added 2026/06/24 4:29 p.m., 7 views

CVE-2026-53024

Summary: CVE-2026-53024 affects the Linux kernel Greybus raw subsystem. A use-after-free can occur when a user writes to a chardev after disconnect, because gb_connection_destroy frees the connection object during disconnect and a subsequent write may access that freed object, potentially trigger...

7.8 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/06/24 3:11 p.m., 5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure context reset on disconnect. After the committed code below, if the MPC subflow is already in the TCP_CLOSE status or has fallen back to TCP at the mptcp_disconnect time, mptcp_do_fastclose skips setting the sendfastclos...

5.5 CVSS, 5.8 AI score, 0.00116 EPSS
Exploits: 0, References: 2

AstraLinux
added 2026/06/24 3:11 p.m., 12 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: smb: Server: Fixed a leak of active_num_conn in ksmbd_tcp_new_connection. When ksmbd_tcp_new_connection fails due to a kthread_run failure, the transport is freed using free_transport, which does not decrement active_num_conn, resulting in a...

5.5 CVSS, 5.7 AI score, 0.00118 EPSS
Exploits: 0, References: 2

EUVD
added 2026/06/24 5:33 a.m., 6 views

EUVD-2026-38667

The SecuforOAuth plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to disconnect the WordPress...

5.3 CVSS, 5.8 AI score, 0.00295 EPSS
Exploits: 0, References: 5

Positive Technologies
added 2026/06/24 12:00 a.m., 8 views

PT-2026-51918

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue exists in the greybus raw component. If a user performs a write operation to the chardev after a disconnect has been initiated, the kernel may panic due to a NULL...

7.8 CVSS, 5.7 AI score, 0.00129 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2026/06/24 12:00 a.m., 10 views

PT-2026-51679

Name of the Vulnerable Software and Affected Versions: Secufor OAuth versions prior to 1.0.8. Description: The Secufor OAuth plugin for WordPress contains an unauthorized access flaw resulting from improper verification of user authorization. This allows unauthenticated attackers to disconnect a...

5.3 CVSS, 5.6 AI score, 0.00295 EPSS
Exploits: 0, References: 10

Cvelist
added 2026/06/22 9:04 p.m., 23 views

CVE-2026-56280 Cap-go - Privilege Inversion in Build Log Stream via SSE Disconnect

Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API key holders to cancel running native builds. The endpoint registers an abort listener on the SSE stream that unconditionally invokes cancelBuildOnDisconnect using the privileged...

7.1 CVSS, 0.00262 EPSS
Exploits: 0, References: 2

NVD
added 2026/06/22 6:16 p.m., 12 views

CVE-2026-54280

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a payload is using an open file or similar limited resource, then an attacker may be able to cause...

7.5 CVSS, 0.00281 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2026/06/22 4:40 p.m., 5 views

CVE-2026-54280

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, payload resources are not closed correctly when a client disconnects in the middle of a write. If a payload is using an open file or similar limited resource, then an attacker may be able to cause...

6.3 CVSS, 5.8 AI score, 0.00281 EPSS
Exploits: 0, References: 3, Affected Software: 1