CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Snyk•added 2026/05/04 7:46 p.m.•2 views

Allocation of Resources Without Limits or Throttling

5.3CVSS5.8AI score0.00333EPSS

Snyk•added 2026/05/04 7:46 p.m.•18 views

Allocation of Resources Without Limits or Throttling

5.3CVSS5.8AI score0.00333EPSS

OSV•added 2026/05/04 7:46 p.m.•3 views

GHSA-98VH-X9CX-9CFP Incus is affected by unbounded binary import disk exhaustion

Summary Uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking down the host system. The impact here is limited for anyone using storage.imagesvolume and storage.backupsvolume as those users will have large uploads be stored on those...

4.3CVSS5.8AI score0.00333EPSS

Exploits1References4

Github Security Blog•added 2026/05/04 7:46 p.m.•5 views

Incus is affected by unbounded binary import disk exhaustion

4.3CVSS5.8AI score0.00333EPSS

Exploits1References4Affected Software1

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: The maximum minor value is set to blkallocextminor. The idaallocrange... min, max,... function returns values ranging from min to max, including both ends. Therefore, NREXTDEVT is a valid index returned by blkallocextminor. This ...

5.5CVSS5.5AI score0.0024EPSS

Exploits0References1

7.1CVSS5.7AI score0.00152EPSS

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed a shift-out-of-bounds/overflow issue in nilfssb2badoffset. The patch series “nilfs2: Fix UBSAN shift-out-of-bounds warnings during mount time” addresses this issue. The first patch fixes a bug reported by syzbot,...

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: blk-iocost: Do not issue a warning if iocg was already offline. In iocgpaydebt, a warning is triggered if ‘activelist’ is empty. This is intended to confirm that iocg is active when it has debts. However, a warning can still be...

7.1CVSS5.7AI score0.00234EPSS

5.5CVSS5.9AI score0.00219EPSS

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: jfs: Rejects inodes of an unsupported type on the disk Syzbot has reported the following bug: Kernel bug at fs/inode.c:668! Oops: Invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted...

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability in zziplib

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service through the zzipFetchDiskTrailer function located in the /zzip/zip.c file...

7.5CVSS6.4AI score0.00604EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Block layer: Fixed a deadlock between bdlinkdiskholder and partitionscan. The openmutex of gendisk is used to protect the opening and closing of block devices. However, in bdlinkdiskholder, it is used to protect the creation of...

5.5CVSS5.9AI score0.0021EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: brd: Automatic disk creation is deferred until module initialization succeeds. My colleague Wupeng identified the following issues during fault injection: BUG: Unable to handle page faults for address: fffffbfff809d073 PGD:...

7.8CVSS6.5AI score0.00239EPSS

4.3CVSS5.5AI score0.0081EPSS

Astra Linux – Vulnerability in Thunderbird

OpenPGP secret keys that were imported using Thunderbird versions 78.8.1 up to 78.10.1 were stored unencrypted on the user’s local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automaticall...

Exploits1References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify the inode mode when loading from disk. The inode mode loaded from a corrupted disk may be invalid. Do as described in the commit 0a9e74051313 “isofs: Verify the inode mode when loading from disk”...

5.1AI score0.00165EPSS

Exploits0References1

6.5CVSS7AI score0.05919EPSS

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from the disk via a crafted HTML page...

Exploits1References1

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A infinite loop has been fixed in nilfsmdtgetblock. If the disk image that nilfs2 mounts is corrupted, and the virtual block address obtained through block lookup for a metadata file is invalid, nilfsbmaplookupatlevel may...

5.3AI score0.00217EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: md/raid0, raid10: Do not set discard sectors for the request queue. It should use diskstacklimits to determine the appropriate maxdiscardsectors instead of setting the value using stack drivers. There is also a bug. If all...

5.4AI score0.00166EPSS