Lucene search
+L

222 matches found

Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.5 views

PT-2026-57027

Name of the Vulnerable Software and Affected Versions YesWiki versions prior to 4.6.6 Description An issue exists in the erasespamedcomments wiki action, located in actions/EraseSpamedCommentsAction.php, which allows unauthenticated users to permanently delete arbitrary wiki pages. The action...

9.1CVSS6.2AI score0.00052EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38815

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

5.7AI score0.00135EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.36 views

CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS0.00135EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:26 p.m.18 views

CVE-2026-52947

The CVE-2026-52947 issue affects the Linux kernel qrtr subsystem, specifically in qrtr_port_remove(), where the socket reference count is decremented via __sock_put() before the port is removed from the qrtr_ports XArray and before the RCU grace period elapses. This creates a race window where a ...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/06/24 4:26 p.m.2 views

CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the qrtr port remove function where the socket reference count is decremented using sock put before the port is removed from the qrtr ports XArray and before the RCU...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.20 views

SUSE CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

7.8CVSS5.4AI score0.00202EPSS
Exploits1References11
NVD
NVD
added 2026/06/09 1:16 p.m.22 views

CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

9.3CVSS0.00202EPSS
Exploits1References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: The issue of out-of-bounds shift during spinorseterasetype has been fixed. spinorseterasetype was used either to set or to mask an erase type. When it was used to mask an erase type, an out-of-bounds condition...

5.9AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Vim

A heap-based buffer overflow vulnerability exists in the cmdlineerasechars function in the GitHub repository for Vim/Vim, prior to version 8.2.4899. These vulnerabilities could cause software to crash, modify memory, and potentially allow for remote execution...

7.8CVSS7.2AI score0.02481EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013564 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to...

5.6AI score0.00168EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011073)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011073 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix UAF wear-leveling entry in eraseblkcountseqshow Wear-leveling entry could be freed in...

5.8AI score0.00219EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011155 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to...

5.7AI score0.00168EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/03 11:27 p.m.7 views

SUSE CVE-2026-23434

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

6.1CVSS5.7AI score0.00132EPSS
Exploits0References16
NVD
NVD
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23434

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

7.1CVSS0.00132EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.4 views

CVE-2026-23434

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References8
CVE
CVE
added 2026/04/03 3:15 p.m.15 views

CVE-2026-23434

CVE-2026-23434 affects the Linux kernel MTD NAND driver (mtd: rawnand) where nand_lock()/nand_unlock() call into chip->ops.lock_area/unlock_area without holding the NAND device lock. The fix introduces serialisation by wrapping those lock/unlock calls with nand_get_device()/nand_release_device...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2026/04/03 3:15 p.m.2 views

CVE-2026-23434 mtd: rawnand: serialize lock/unlock against other NAND operations

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.12 views

PT-2026-30129

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw where nand lock and nand unlock functions did not hold the NAND device lock when calling chip-ops.lock area/unlock area. This could lead to race...

7.1CVSS5.4AI score0.00132EPSS
Exploits0References470
RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.7 views

CVE-2025-70342

erase-install prior to v40.4 commit 2c31239 writes swiftDialog credential output to a hardcoded path /var/tmp/dialog.json. This allows an unauthenticated attacker to intercept admin credentials entered during reinstall/erase operations via creating a named pipe...

6.6CVSS5.9AI score0.00241EPSS
Exploits2References1
Rows per page
Query Builder