Lucene search
K

979 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.7 views

CVE-2026-43260

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

5.8AI score0.00138EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.51 views

CVE-2026-43229

The CVE-2026-43229 issue affects the Linux kernel via the chips-media wave5 driver. The root cause is an incorrect device cleanup order: video device unregistration was performed after power/runtime disable and hardware power-down, allowing a kthread worker to read hardware registers after autosu...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.5 views

CVE-2026-43229

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

5.7AI score0.00127EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:27 a.m.7 views

CVE-2026-43127

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario: 1. ntfsextendmft takes ni-file.runlock then...

5.5CVSS5.7AI score0.00093EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario...

7.1CVSS7AI score0.00131EPSS
Exploits0References2
CVE
CVE
added 2026/05/01 2:14 p.m.22 views

CVE-2026-31758

The CVE-2026-31758 entry affects the Linux kernel usbtmc implementation. The vulnerability arises when releasing USB Test & Measurement Channels: pending anchored URBs are not flushed or killed during usbtmc_release, allowing use-after-free conditions (notably in the Host Controller Driver giveba...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/05/01 2:14 p.m.14 views

EUVD-2026-26571

In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmcrelease When calling usbtmcrelease, pending anchored URBs must be flushed or killed to prevent use-after-free errors e.g. in the HCD giveback path. Call usbtmcdrawdown to allow anchored...

5.7AI score0.00126EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.20 views

PT-2026-36393

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free error exists in the usbtmc release function. This occurs because pending anchored URBs USB Request Blocks are not properly flushed or killed, which can lead to memory...

8.1CVSS5.9AI score0.00205EPSS
Exploits0References420
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-31691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling...

5.5CVSS6.2AI score0.00112EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/27 5:34 p.m.5 views

CVE-2026-31691

In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...

5.7AI score0.00112EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/27 5:34 p.m.17 views

CVE-2026-31691

The CVE-2026-31691 vulnerability affects the Linux kernel igb driver. It describes a race where igb_down() calls napi_synchronize() before napi_disable(), causing a hang: napi_synchronize() waits on NAPI_STATE_SCHED that never clears, blocking TX and leaving the TX queue stalled. The fix removes ...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35497

In the Linux kernel, the following vulnerability has been resolved: igb: remove napi synchronize in igb down When an AF XDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igb clean rx irq zc repeatedly returns the full budget,...

5.6AI score0.00112EPSS
Exploits0References6
NVD
NVD
added 2026/04/26 3:16 a.m.9 views

CVE-2026-7014

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...

4.8CVSS0.00269EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/26 2:30 a.m.8 views

EUVD-2026-25690

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...

4.8CVSS3.1AI score0.00269EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/04/26 2:30 a.m.4 views

CVE-2026-7014 MaxSite CMS down_count Plugin cross site scripting

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...

4.8CVSS3.3AI score0.00269EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/26 2:30 a.m.38 views

CVE-2026-7014 MaxSite CMS down_count Plugin cross site scripting

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...

4.8CVSS0.00269EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.6 views

PT-2026-35195

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down count Plugin. This manipulation of the argument f file/f prefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used...

4.8CVSS3.9AI score0.00269EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/04/24 2:45 p.m.7 views

CVE-2026-31655

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Keep the NOCHDCP clock enabled Keep the NOCHDCP clock always enabled to fix the potential hang caused by the NoC ADB400 port power down handshake...

5.5CVSS5.2AI score0.00114EPSS
Exploits0
CVE
CVE
added 2026/04/24 2:45 p.m.40 views

CVE-2026-31655

CVE-2026-31655 affects the Linux kernel’s pmdomain: imx8mp-blk-ctrl module, where the NOC_HDCP clock must be kept enabled. The underlying issue is an inconsistent clock state that can disrupt the NoC ADB400 port power‑down handshake, potentially causing a system hang. Reported impact is a DoS-lik...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:45 p.m.33 views

CVE-2026-31655 pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Keep the NOCHDCP clock enabled Keep the NOCHDCP clock always enabled to fix the potential hang caused by the NoC ADB400 port power down handshake...

0.00114EPSS
Exploits0References5
Rows per page
Query Builder