Lucene search
+L

2586 matches found

cve
cve
added 3 days ago7 views

CVE-2026-47478

CVE-2026-47478 affects NVIDIA Triton Inference Server for Linux. The issue allows an attacker to cause the use of an expired file descriptor, with the documented impact being denial of service. NVIDIA’s security bulletin recommends updating to Triton Server 26.05 or later (Linux) to address the v...

7.5CVSS6.1AI score0.00301EPSS
Exploits0References2
cvelist
cvelist
added 3 days ago38 views

CVE-2026-47478

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause the use of an expired file descriptor. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS0.00301EPSS
Exploits0References2
nvd
nvd
added 2026/07/06 9:16 p.m.8 views

CVE-2025-59617

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

7.3CVSS0.00065EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/06 8:9 p.m.8 views

CVE-2025-59617

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS6.1AI score0.00065EPSS
Exploits0References2
euvd
euvd
added 2026/07/06 8:9 p.m.5 views

EUVD-2025-210438

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS6.1AI score0.00065EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.16 views

PT-2026-55986

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when processing multiple IOCTL Input/Output Control calls that use the same buffer file descriptor input. This issue is caused by a...

7.8CVSS6.1AI score0.00064EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.10 views

PT-2026-55987

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon CCW affected versions not specified Description Memory corruption occurs when processing multiple IOCTL Input/Output Control calls that utilize the same buffer file descriptor input. IOCTL is a system call used by...

7.3CVSS6.2AI score0.00065EPSS
Exploits0References4
osv
osv
added 2026/07/01 9:17 p.m.6 views

DEBIAN-CVE-2026-54786

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

5CVSS5.7AI score0.00217EPSS
Exploits0References1
osv
osv
added 2026/07/01 9:17 p.m.6 views

UBUNTU-CVE-2026-54786

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

5CVSS5.7AI score0.00217EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/01 8:12 p.m.39 views

CVE-2026-54786 Wasmtime: Leak in WASIp1 `fd_renumber` implementation

Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...

2.3CVSS0.00217EPSS
Exploits0References1
nessus
nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open ksmbdlookupfdcguid returns a ksmbdfile with its refcount incremented via ksmbdfpget...

5.5CVSS6.2AI score0.00135EPSS
Exploits0References2
susecve
susecve
added 2026/06/26 2:25 a.m.13 views

SUSE CVE-2026-13201

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS6AI score0.00122EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/25 11:24 p.m.9 views

CVE-2026-53005

A flaw was found in the Linux kernel's afunix component, specifically within its SOCKMAP feature. This vulnerability stems from the kernel's improper handling of Socket Control Message SCM attributes when data is passed to the SOCKMAP layer. This can lead to a use-after-free condition, which may...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
euvd
euvd
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39348

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References1
nvd
nvd
added 2026/06/24 9:16 p.m.9 views

CVE-2026-52814

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...

6.9CVSS0.00547EPSS
Exploits0References4
nvd
nvd
added 2026/06/24 9:16 p.m.10 views

CVE-2026-13201

A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses OPATH|ONOFOLLOW to obtain a file descriptor to a path leaf, but downstream operations resolve the path via /proc/self/fd/N using link-following syscalls. When the leaf is a symlink, the kernel...

7.3CVSS0.00122EPSS
Exploits0References2
cve
cve
added 2026/06/24 8:39 p.m.12 views

CVE-2026-13201

CVE-2026-13201 concerns KubeVirt’s safepath package, where OpenAtNoFollow uses O_PATH|O_NOFOLLOW to obtain a descriptor for a path leaf, but downstream helpers access paths via /proc/self/fd/N. If the leaf is a symlink, the kernel dereferences it, bypassing intended no-follow protection. An attac...

7.3CVSS6AI score0.00122EPSS
Exploits0References2Affected Software2
cve
cve
added 2026/06/24 8:15 p.m.27 views

CVE-2026-52814

CVE-2026-52814 affects Gogs’ built-in Go SSH server, where unauthenticated clients can stall the SSH handshake to exhaust file descriptors, spawning unbounded goroutines and causing FD exhaustion that disrupts SSH access. Connected advisories (GHSA-XP79-5MX3-JX52) confirm the vulnerability detail...

6.9CVSS5.9AI score0.00547EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/24 8:15 p.m.25 views

CVE-2026-52814 Gogs: Unauthenticated Asymmetric Denial of Service (DoS) via SSH Handshake Stall (File Descriptor Exhaustion)

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...

6.9CVSS0.00547EPSS
Exploits0References4
osv
osv
added 2026/06/24 8:15 p.m.4 views

CVE-2026-52814 Gogs: Unauthenticated Asymmetric Denial of Service (DoS) via SSH Handshake Stall (File Descriptor Exhaustion)

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...

6.9CVSS5.9AI score0.00547EPSS
Exploits0References6
Rows per page
Query Builder