Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Sleepable kprobemulti programs are rejected during attachment. kprobe.multi programs run in atomic/RCU contexts and cannot sleep. However, bpfkprobemultilinkattach did not validate whether the program being attached had the...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 11:16 p.m.10 views

PYSEC-2026-215

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

5.3CVSS6.1AI score0.00408EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 11:16 p.m.8 views

UBUNTU-CVE-2026-45409

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

6.9CVSS5.4AI score0.00408EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 10:6 p.m.11 views

EUVD-2026-34921

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

7.5CVSS5.4AI score0.01386EPSS
Exploits1References1
OSV
OSV
added 2026/05/19 2:34 p.m.13 views

GHSA-65PC-FJ4G-8RJX Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix

This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. Payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function prior to length rejection, and for high values of N will take a long time to process. Impact A speciall...

6.9CVSS6.4AI score0.00408EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-41956

Name of the Vulnerable Software and Affected Versions idna versions prior to 3.14 Description A specially crafted argument passed to the idna.encode function can consume significant system resources, potentially leading to a denial-of-service. This occurs because payloads containing specific...

6.9CVSS6.4AI score0.00408EPSS
Exploits0References306
CVE
CVE
added 2025/11/12 10:26 a.m.22 views

CVE-2025-40167

CVE-2025-40167 affects the Linux kernel ext4 filesystem. The issue occurs when an inode has both INLINE_DATA and EXTENTS flags set, causing ext4_es_cache_extent() to BUG_ON due to unvalidated out-of-order extents while opening a verity file on a corrupted ext4 FS mounted without a journal. Invest...

5.9AI score0.00175EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-25558

Malicious code in bioql PyPI...

7.5AI score0.00147EPSS
Exploits0References6
NVD
NVD
added 2025/08/22 4:15 p.m.5 views

CVE-2025-38644

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211tdlsoper by sending NL80211TDLSENABLELINK immediately after NL80211CMDCONNECT, before association completed and without pri...

5.5CVSS0.00147EPSS
Exploits0References7
OSV
OSV
added 2025/08/22 4:0 p.m.5 views

CVE-2025-38644 wifi: mac80211: reject TDLS operations when station is not associated

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: reject TDLS operations when station is not associated syzbot triggered a WARN in ieee80211tdlsoper by sending NL80211TDLSENABLELINK immediately after NL80211CMDCONNECT, before association completed and without pri...

5.5CVSS6.4AI score0.00147EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2021/06/01 9:18 p.m.46 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-cli

Impact This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In...

0.5AI score
Exploits0References2Affected Software1
Rows per page
Query Builder