Lucene search
K

194 matches found

NVD
NVD
added 2026/07/01 2:16 p.m.5 views

CVE-2026-53341

In the Linux kernel, the following vulnerability has been resolved: fhandle: fix UAF due to unlocked -mntns read in maydecodefh maydecodefh accesses mount::mntns without holding any locks; that means the mount can concurrently be unmounted, and the mntnamespace can concurrently be freed after an...

0.00156EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 10:57 a.m.2 views

SUSE-SU-2026:2710-1 Security update for perl-Config-IniFiles

This update for perl-Config-IniFiles fixes the following issue - CVE-2026-11527: OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle bsc1268236...

8.6CVSS5.8AI score0.00618EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 9:6 a.m.3 views

SUSE-SU-2026:2695-1 Security update for nodejs22

This update for nodejs22 fixes the following issues: - CVE-2026-48618: tls: normalize hostname for server identity checks bsc1268593. - CVE-2026-48933: crypto: guard WebCrypto cipher output length bsc1268592. - CVE-2026-48615: lib,test: redact proxy credentials in tunnel errors bsc1268598. -...

9.8CVSS6.1AI score0.02806EPSS
Exploits3References39
ATTACKERKB
ATTACKERKB
added 2026/06/19 8:27 a.m.6 views

CVE-2026-11576

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/19 8:27 a.m.32 views

CVE-2026-11576

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...

7.5CVSS0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/19 8:27 a.m.5 views

CVE-2026-11576

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/14 11:40 a.m.11 views

CVE-2026-11527

Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle. Config::IniFiles::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd...

8.6CVSS5.5AI score0.00618EPSS
Exploits0
OSV
OSV
added 2026/06/08 4:16 p.m.11 views

UBUNTU-CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

7.3CVSS5.4AI score0.00479EPSS
Exploits0References6
CVE
CVE
added 2026/06/08 3:24 p.m.86 views

CVE-2026-48913

This CVE (CVE-2026-48913) concerns Apache HTTP Server’s mod_http2 component. The reported issue is a Use After Free vulnerability when file handles are exhausted, affecting Apache HTTP Server versions 2.4.55–2.4.67. The description and connected sources consistently cite memory- or resource-relat...

7.3CVSS5.5AI score0.00479EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/08 3:24 p.m.9 views

CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

7.3CVSS5.4AI score0.00479EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Apache HTTP Server 资源管理错误漏洞

The Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. The Apache HTTP Server has a memory corruption vulnerability. Attackers can exploit this...

7.3CVSS6.2AI score0.00479EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:9 a.m.10 views

isofs: validate block number from NFS file handle in isofs_export_iget

...

7.5CVSS5.4AI score0.00425EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.16 views

SUSE CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

5.5CVSS5.8AI score0.00425EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2026-46124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or...

7.5CVSS6.8AI score0.00425EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS0.00425EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS5.7AI score0.00425EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/28 9:35 a.m.16 views

EUVD-2026-32883

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.1CVSS6.4AI score0.00425EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.9 views

CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS5.7AI score0.00425EPSS
Exploits0
OSV
OSV
added 2026/05/28 9:35 a.m.2 views

CVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_iget

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

7.5CVSS5.8AI score0.00425EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.19 views

PT-2026-44247

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description The issue exists in the isofs module where isofs fh to dentry and isofs fh to parent pass an attacker-controlled block numbe...

7.5CVSS5.9AI score0.00425EPSS
Exploits0
Rows per page
Query Builder