Lucene search
K

907 matches found

NVD
NVD
added 2026/05/01 3:16 p.m.5 views

CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

5.5CVSS0.0013EPSS
Exploits0References4
NVD
NVD
added 2026/05/01 2:16 p.m.6 views

CVE-2026-31707

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...

7.1CVSS0.00125EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/01 2:14 p.m.5 views

CVE-2026-31734

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...

5.8AI score0.00121EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.31 views

CVE-2026-31734 sched_ext: Fix is_bpf_migration_disabled() false negative on non-PREEMPT_RCU

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...

0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/05/01 1:56 p.m.25 views

CVE-2026-31707

The CVE-2026-31707 issue affects the Linux kernel ksmbd component. The overflow vulnerability in ipc_validate_msg() arises from arithmetic on attacker-controlled fields when computing per-response message sizes, allowing wraparound in three cases (RPC_REQUEST, SHARE_CONFIG_REQUEST, LOGIN_REQUEST_...

7.1CVSS5.8AI score0.00125EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/01 1:56 p.m.35 views

CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...

7.1CVSS0.00125EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.5 views

PT-2026-36368

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sched ext component where the ddsp dsq id state can remain set non-SCX DSQ INVALID, leading to a spurious warning in the mark direct dispatch function. This occurs...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check if extcaps is valid in BL setup LVDS connectors don't have extended...

5.5CVSS5.9AI score0.00107EPSS
Exploits0References2
OSV
OSV
added 2026/04/25 6:30 a.m.5 views

GHSA-HFFM-XVC3-VPRC simple-git is vulnerable to Remote Code Execution

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS6.5AI score0.00877EPSS
Exploits1References5
NVD
NVD
added 2026/04/25 6:16 a.m.14 views

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS0.00877EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/04/25 5:0 a.m.4 views

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS6.5AI score0.00877EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/25 5:0 a.m.6 views

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS6.5AI score0.00877EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/25 5:0 a.m.46 views

CVE-2026-6951

Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution RCE due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed to simple-git, an attacker may still...

9.8CVSS0.00877EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.7 views

PT-2026-35132

Name of the Vulnerable Software and Affected Versions simple-git versions prior to 3.36.0 Description A Remote Code Execution RCE issue exists in the simple-git Node.js library due to improper code generation management and an incomplete fix for a previous flaw. The issue occurs because the...

10CVSS7.5AI score0.00877EPSS
Exploits2References141
vulnersOsv
vulnersOsv
added 2026/04/24 2:1 a.m.7 views

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=3.0.0.5 <=3.46.0.1) +44 more potentially affected by CVE-2026-3960 via ai.h2o:h2o-core (>=3.0.0.12 <=3.46.0.1)

ai.h2o:h2o-core MAVEN version =3.0.0.12, =3.34.0.1, =3.0.0.5, =3.0.0.5, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2026-3960 Source advisory: SNYK:JAVA-AIH2O-16417170...

9.8CVSS6.5AI score0.00938EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/04/23 1:26 a.m.10 views

SUSE CVE-2026-31447

In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with sfirstdatablock != 0 bigalloc with sfirstdatablock != 0 is not supported, reject mounting it...

5.6AI score0.00135EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.16 views

PT-2026-34356

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext4 read inline folio function where the use of BUG ON when inline data size exceeds PAGE SIZE can lead to a kernel panic. The fix replaces this with proper error...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References118
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013166)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013166 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in kswlansetencodeext The exc-keylen is a u16 that com...

7.8CVSS6.1AI score0.00169EPSS
Exploits0References4
Fedora
Fedora
added 2026/04/02 1:6 a.m.8 views

[SECURITY] Fedora 43 Update: rust-scx_rusty-0.5.4-8.fc43

A multi-domain, BPF / user space hybrid scheduler used within schedext, which is a Linux kernel feature which enables implementing kernel thread schedulers in BPF and dynamically loading them. https://github.com/sched-ext/scx/tree/main...

6.5CVSS5.9AI score0.00379EPSS
Exploits1
Fedora
Fedora
added 2026/04/02 1:6 a.m.9 views

[SECURITY] Fedora 43 Update: rust-scx_rustland-0.0.3-8.fc43

A BPF component dispatcher that implements the low level sched-ext functionalities and a user-space counterpart scheduler, written in Rust, that implements the actual scheduling policy. This is used within schedext, which is a Linux kernel feature which enables implementing kernel thread schedule...

6.5CVSS5.9AI score0.00379EPSS
Exploits1
Rows per page
Query Builder