Lucene search
K

1263 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.11 views

EulerOS 2.0 SP15 : kernel (EulerOS-SA-2026-2444)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 bpf: Fix undefined behavior in interpreter sdiv/smod for INTMINCVE-2026-31525...

9.8CVSS7AI score0.96267EPSS
Exploits232References84
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fixed a UAF issue after unbinding the driver. After unbinding the driver, another kthread named crosecconsolelogwork still accesses the device, resulting in a UAF and system crash. The driver does no...

5.9AI score0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only add the LED to ledslist when it is fully ready. Before this change, the LED was added to ledslist before the ledinitcore function was called—that is, before ledclassdev.setbrightnesswork was initialized. Thi...

4.7CVSS6AI score0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 10:21 a.m.30 views

CVE-2026-54419

PIAF-HMS (PBX-In-A-Flash Hotel Management System) contains multiple unauthenticated SQL injection vulnerabilities. The app has no authentication and passes user-supplied HTTP parameters directly into deprecated mysql_query() calls via string concatenation, without sanitization, escaping, or param...

9.8CVSS5.8AI score0.00587EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40263)

In the Linux kernel, the following vulnerability has been resolved: Input: croseckeyb - fix an invalid memory access If croseckeybregistermatrix isn't called due to buttonsswitchesonly in croseckeybprobe, ckdev-idev remains NULL. An invalid memory access is observed in croseckeybprocess when...

5.9AI score0.00167EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/02 12:0 a.m.9 views

Security update for libjxl (important)

openSUSE Security Update: Security update for libjxl Announcement ID: openSUSE-SU-2026:0182-1 Rating: important References: 1266460 Cross-References: CVE-2025-70103 CVSS scores: CVE-2025-70103 SUSE: 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE...

9.2CVSS5.8AI score0.00367EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 9:22 p.m.68 views

CVE-2026-40965

Cloud Foundry UAA versions v76.12.0–v78.12.0 expose EC private keys via the public /token_keys endpoint, enabling private key disclosure for EC-based JWT signing. Affected components: uaa_release (v76.12.0–v78.12.0) and CF Deployment (v30.0.0–v56.0.0). Root cause: misexposure of EC private key ma...

10CVSS5.8AI score0.00346EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 5:54 a.m.14 views

CVE-2026-9493

Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify the parameter of a specific query function to access other users' EC order details...

7.1CVSS5.8AI score0.00259EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 9:11 p.m.12 views

CVE-2026-46134

A flaw was found in the Linux kernel's crosectypec component. This vulnerability occurs because a mutex, a mechanism used to prevent simultaneous access to shared resources, was not properly initialized during Thunderbolt registration. This oversight can lead to a NULL dereference, potentially...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the data-lock mutex is not initialized during Thunderbolt registration using...

5.8AI score0.00126EPSS
Exploits0References3
Amazon
Amazon
added 2026/05/26 12:0 a.m.23 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE CVE-2026-23401 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriti...

9.8CVSS6.2AI score0.00533EPSS
Exploits4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in krb5

In kdc/kdcpreauthec.c of the Key Distribution Center KDC in MIT Kerberos 5 also known as krb5, before versions 1.18.4 and 1.19.x, and before version 1.19.2, remote attackers could exploit a vulnerability that led to a NULL pointer dereferencing and a crash of the daemon. This occurs because the...

7.5CVSS6.9AI score0.10276EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fixed an oops error when removing custom query handlers. When removing custom query handlers, the handler may still be used within the EC query workqueue. This could lead to a kernel oops if the module that holds the...

5.6AI score0.00177EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecuart: properly fixed the race condition The crosecuartprobe function calls devmserdevdeviceopen before calling serdevdevicesetclientops. This can lead to a NULL pointer dereference: BUG: NULL pointer...

4.7CVSS5.9AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: croseccodec: Fixed a refcount leak in croseccodecplatformprobe. The ofparsephandle function returns a node pointer with a refcount incremented; we should use ofnodeput on it when there is no longer a need for it. Add the...

5.5CVSS6AI score0.00159EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.10 views

Amazon Linux 2023 : editorconfig, editorconfig-devel, editorconfig-libs (ALAS2023-2026-1642)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1642 advisory. editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an...

8.6CVSS6.1AI score0.00965EPSS
Exploits1References4
OSV
OSV
added 2026/05/09 12:33 p.m.8 views

OESA-2026-2258 editorconfig security update

EditorConfig makes it easy to maintain the correct coding style when switching between different text editors and between different projects. The EditorConfig project maintains a file format and plugins for various text editors which allow this file format to be read and used by those editors...

8.6CVSS6.1AI score0.00151EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/05/06 11:11 p.m.141 views

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

╔═════════════════════════════════════════════════════════...

8.8CVSS5.9AI score0.00541EPSS
Exploits12
GithubExploit
GithubExploit
added 2026/05/06 5:44 p.m.152 views

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

CVE-2026-0073 PoC Wireless ADB TLS Auth Bypass This directo...

8.8CVSS6AI score0.00541EPSS
Exploits12
NVD
NVD
added 2026/05/06 12:16 p.m.48 views

CVE-2026-43283

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ecbhf: Fix dmafreecoherent dma handle dmafreecoherent in error path takes priv-rxbuf.alloclen as the dma handle. This would lead to improper unmapping of the buffer. Change the dma handle to priv-rxbuf.allocphys...

8.8CVSS0.0012EPSS
Exploits0References8
Rows per page
Query Builder