Lucene search
+L

187 matches found

euvd
euvd
added 2026/07/01 1:32 p.m.7 views

EUVD-2026-40983

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: destroy stale expectfn expectations on unregister NAT helpers such as nfnath323 store a raw pointer to module text in exp-expectfn e.g. ipnatq931expect. nfcthelperexpectfnunregister only unlinks the callba...

5.9AI score0.00161EPSS
Exploits0References6
osv
osv
added 2026/06/30 11:9 p.m.6 views

SUSE-SU-2026:22436-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...

9.8CVSS7AI score0.0053EPSS
Exploits1References145
osv
osv
added 2026/06/30 5:41 p.m.2 views

SUSE-SU-2026:22433-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...

9.8CVSS7.4AI score0.93235EPSS
Exploits59References350
osv
osv
added 2026/06/30 11:7 a.m.2 views

SUSE-SU-2026:22458-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...

9.8CVSS6.6AI score0.93235EPSS
Exploits59References350
mscve
mscve
added 2026/06/27 8:15 a.m.2 views

netfilter: nft_ct: fix missing expect put in obj eval

...

5.5CVSS6.1AI score0.00128EPSS
Exploits0
redhatcve
redhatcve
added 2026/06/26 11:41 a.m.8 views

CVE-2026-52970

A flaw was found in the netfilter: nftct component of the Linux kernel. The nftctexpectobjeval function allocates an expectation but fails to release its local reference. This oversight leads to a resource leak, which could potentially allow a local attacker to cause a denial of service by...

7CVSS5.7AI score0.00128EPSS
Exploits0References4
nvd
nvd
added 2026/06/24 5:17 p.m.7 views

CVE-2026-52970

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...

5.5CVSS0.00128EPSS
Exploits0References8
osv
osv
added 2026/06/24 4:28 p.m.1 views

CVE-2026-52970 netfilter: nft_ct: fix missing expect put in obj eval

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References11
attackerkb
attackerkb
added 2026/06/24 4:28 p.m.7 views

CVE-2026-52970

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
osv
osv
added 2026/05/28 12:0 a.m.17 views

ALSA-2026:21557 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: j1939sessionnew: fix skb reference counting CVE-2024-56645 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: mm: thp: deny...

9.4CVSS6.8AI score0.00591EPSS
Exploits0References38
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux - Vulnerability in Golang-1.19

The net/http HTTP/1.1 client mishandled the situation where a server responds to a request with an “Expect: 100-continue” header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, causing the next request sent on that connection to...

7.5CVSS6.7AI score0.01414EPSS
Exploits0References2
ossf
ossf
added 2026/05/19 12:0 a.m.17 views

Malicious code in jest-expect (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References5
vulnersosv
vulnersosv
added 2026/05/18 9:0 p.m.7 views

@join-com/jest-matchers (>=1.0.0 <=1.0.1), jest-expect (=0.0.1) +1 more potentially affected by unknown CVE via fixed-round (=1.0.2)

fixed-round NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on fixed-round and may be impacted: - @join-com/jest-matchers =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: SNYK:JS-FIXEDROUND-16754972...

5.5AI score
Exploits0
vulnersosv
vulnersosv
added 2026/05/18 9:0 p.m.8 views

@join-com/jest-matchers (>=1.0.0 <=1.0.1), jest-expect (=0.0.1) +1 more potentially affected by unknown CVE via fixed-round (=1.0.2)

fixed-round NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on fixed-round and may be impacted: - @join-com/jest-matchers =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: SNYK:JS-FIXEDROUND-16754804...

5.5AI score
Exploits0
vulnersosv
vulnersosv
added 2026/05/18 9:0 p.m.6 views

@join-com/jest-matchers (>=1.0.0 <=1.0.1) potentially affected by unknown CVE via jest-expect (=0.0.1)

jest-expect NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on jest-expect and may be impacted: - @join-com/jest-matchers =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-JESTEXPECT-16755085...

5.5AI score
Exploits0
vulnersosv
vulnersosv
added 2026/05/18 9:0 p.m.5 views

@join-com/jest-matchers (>=1.0.0 <=1.0.1) potentially affected by unknown CVE via jest-expect (=0.0.1)

jest-expect NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on jest-expect and may be impacted: - @join-com/jest-matchers =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-JESTEXPECT-16754916...

5.5AI score
Exploits0
susecve
susecve
added 2026/05/07 2:18 a.m.12 views

SUSE CVE-2026-43116

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

5.5CVSS5.5AI score0.00096EPSS
Exploits0References5
euvd
euvd
added 2026/05/06 12:30 p.m.8 views

EUVD-2026-27641

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

5.5AI score0.00096EPSS
Exploits0References4
nvd
nvd
added 2026/05/06 10:16 a.m.26 views

CVE-2026-43116

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

7.8CVSS0.00096EPSS
Exploits0References6
cvelist
cvelist
added 2026/05/06 7:40 a.m.37 views

CVE-2026-43116 netfilter: ctnetlink: ensure safe access to master conntrack

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

7.8CVSS0.00096EPSS
Exploits0References6
Rows per page
Query Builder