Lucene search
K

950 matches found

NVD
NVD
added 2026/07/01 9:17 p.m.7 views

CVE-2026-54786

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

5CVSS0.00217EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 8:12 p.m.4 views

CVE-2026-54786

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

2.3CVSS5.7AI score0.00217EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 12:23 p.m.31 views

CVE-2026-40209 Denial of service via IXFR queries

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS0.00404EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd,...

7.8CVSS6AI score0.00129EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:15 p.m.5 views

CVE-2026-52814

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...

6.9CVSS5.9AI score0.00547EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53005

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.11 views

CVE-2026-53005

CVE-2026-53005 affects the Linux kernel af_unix SOCKMAP feature. The issue arises from improper handling of SCM attributes when data is passed to SOCKMAP, enabling a use-after-free and inflight-file-descriptor leaks due to inability of GC paths to inspect psock queues after skb redirection. Multi...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-51899

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc7 Description An issue exists in the af unix component where SOCKMAP can hide inflight file descriptors from the AF UNIX Garbage Collector GC. When a socket in SOCKMAP receives a socket buffer skb with an...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fixed stale file descriptors when a usercopy fails. A failed usercopy of the fencerep object will result in a stale entry in the file descriptor table, as putunusedfd will not release that entry. This allows userland ...

7.8CVSS6.2AI score0.00213EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/16 2:20 a.m.11 views

SUSE CVE-2026-45536

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 - 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

4CVSS5.3AI score0.00136EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 3:16 p.m.14 views

CVE-2026-45536

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

4CVSS0.00136EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 3:16 p.m.5 views

UBUNTU-CVE-2026-45536

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

4CVSS5.3AI score0.00136EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/12 2:12 p.m.12 views

EUVD-2026-36439

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

4CVSS5.2AI score0.00136EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/12 2:12 p.m.10 views

CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

4CVSS5.2AI score0.00136EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 2:12 p.m.33 views

CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

4CVSS0.00136EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 2:12 p.m.54 views

CVE-2026-45536

CVE-2026-45536 affects Netty, specifically Unix-domain socket fd reception in netty_unix_socket_recvFd. Prior to versions 4.1.135.Final and 4.2.15.Final, a peer-sent SCM_RIGHTS message containing two fds can cause both descriptors to leak due to a mismatch between cmsg_len checks and the actual f...

4CVSS5.2AI score0.00136EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvF...

4CVSS5.4AI score0.00136EPSS
Exploits0References3
CVE
CVE
added 2026/06/10 9:47 p.m.41 views

CVE-2026-46693

Summary : CVE-2026-46693 affects ImageMagick’s distributed pixel cache server. A race condition can allow a privileged attacker who can connect to a magick -distribute-cache service to hijack a file descriptor in the server process. The issue is specifically tied to the distributed cache mechanis...

4.1CVSS5.3AI score0.00077EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/08 11:1 p.m.9 views

GHSA-W573-9FFJ-6FF9 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...

4CVSS5.5AI score0.00136EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/08 11:1 p.m.8 views

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the nettyunixsocketrecvFd function. An attacker can cause file descriptor leaks by sending two file descriptors at once via a Unix domain socket, leading to resource exhaustion and...

5.1CVSS5.5AI score0.00136EPSS
Exploits0References2
Rows per page
Query Builder