Lucene search
K

1653 matches found

NVD
NVD
added 2026/06/03 6:16 p.m.15 views

CVE-2026-46259

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

7.8CVSS0.0012EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:49 p.m.11 views

CVE-2026-46259

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

5.7AI score0.0012EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/06/03 3:49 p.m.10 views

EUVD-2026-34121

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

5.8AI score0.0012EPSS
Exploits0References8
OSV
OSV
added 2026/06/03 3:49 p.m.2 views

CVE-2026-46259 procfs: fix missing RCU protection when reading real_parent in do_task_stat()

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

7.8CVSS6.3AI score0.0012EPSS
Exploits0References11
CVE
CVE
added 2026/06/03 3:49 p.m.72 views

CVE-2026-46259

In the Linux kernel procfs path do_task_stat() reading /proc/[pid]/stat, task->real_parent is accessed without proper RCU protection, enabling a potential Use-After-Free when another task is released. The fix switches from task_tgid_nr_ns() to task_ppid_nr_ns() to add proper RCU protection for...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/03 3:49 p.m.41 views

CVE-2026-46259 procfs: fix missing RCU protection when reading real_parent in do_task_stat()

In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...

7.8CVSS0.0012EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the procfs module’s lack of RCU protection when reading task-realparent in the dotaskstat functio...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References8
NVD
NVD
added 2026/06/01 3:16 p.m.18 views

CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS0.00143EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/29 11:52 p.m.14 views

Malicious Package

Overview @t-in-one/applicationidstoragekeytoken is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

9.8CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/29 4:35 p.m.6 views

CVE-2026-9194

REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

5.8AI score
Exploits0References1
NVD
NVD
added 2026/05/29 2:16 p.m.16 views

CVE-2026-40528

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

7.8CVSS0.00146EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/29 1:38 p.m.11 views

CVE-2026-40528 OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

3.8CVSS5.9AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/29 1:38 p.m.38 views

CVE-2026-40528 OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c

OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c that allows attackers to corrupt memory by supplying a crafted profile configuration file. During pkcs15-init invocation, a key value entry...

3.8CVSS0.00146EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 10:16 a.m.27 views

CVE-2026-46173

In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...

7.8CVSS0.00126EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/28 8:25 a.m.11 views

EUVD-2024-55603

Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...

5.1CVSS6AI score0.00319EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:25 a.m.10 views

CVE-2024-47097

Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...

5.1CVSS6AI score0.00319EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 11:16 a.m.8 views

UBUNTU-CVE-2026-45837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

7.8CVSS5.7AI score0.00116EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:24 a.m.9 views

CVE-2026-45837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

5.7AI score0.00116EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/27 9:24 a.m.14 views

EUVD-2026-32163

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

5.8AI score0.00116EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/26 11:56 a.m.8 views

Malicious Package

Overview license-checker-plus is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder