Lucene search
K

622 matches found

EUVD
EUVD
added 6 days ago8 views

EUVD-2026-25012

mv: symlinks expanded during cross-device move resource exhaustion / data duplication...

6.6CVSS5.9AI score0.00161EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 4:51 p.m.6 views

USN-8490-1 linux, linux-aws, linux-aws-6.17, linux-gcp, linux-gcp-6.17, linux-oracle, linux-oracle-6.17, linux-realtime, linux-realtime-6.17 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...

9.8CVSS7AI score0.00817EPSS
Exploits8References62
NVD
NVD
added 2026/07/01 3:17 p.m.11 views

CVE-2026-6685

FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in fread / fwrite fp-sect - sect cc during interleaved read/write on fragmented filesystems. This maps to CWE-191 Integer Underflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 6.1...

6.1CVSS0.00205EPSS
Exploits2References4
CVE
CVE
added 2026/07/01 1:47 p.m.37 views

CVE-2026-6685

FatFs CVE-2026-6685 affects FatFs R0.16 and earlier, where a stale dirty-cache skip can occur due to an unsigned-subtraction wrap in f_read() and f_write() during interleaved reads/writes on fragmented filesystems (fp->sect - sect < cc). The root cause is an integer underflow (CWE-191) in t...

6.1CVSS5.8AI score0.00205EPSS
Exploits2References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:47 p.m.5 views

CVE-2026-6685

FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in fread / fwrite fp-sect - sect cc during interleaved read/write on fragmented filesystems. This maps to CWE-191 Integer Underflow. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 6.1...

6.1CVSS5.8AI score0.00205EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54927

Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description An integer underflow occurs during interleaved read and write operations on fragmented filesystems. This issue is caused by an unsigned-subtraction wrap in the f read and f write functions when...

6.1CVSS6.1AI score0.00205EPSS
Exploits2References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: jfs: Fixed an issue where uninitialized waitqueues were present in the transaction manager. The initialization of the transaction manager in txInit did not properly initialize the TxBlock0.waitor waitqueue. This caused a crash wh...

5.9AI score0.00177EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: NFS: Automounted file systems should inherit the “ro”, “noexec”, “nodev”, and “sync” flags. When a file system is automatically mounted, it needs to preserve the user-set superblock mount options, such as the “ro” flag...

6AI score0.00165EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:46 a.m.5 views

SUSE-SU-2026:22468-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/23 2:31 p.m.2 views

SUSE-SU-2026:2591-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinish...

9.8CVSS7.3AI score0.93235EPSS
Exploits37References221
Github Security Blog
Github Security Blog
added 2026/06/19 7:36 p.m.9 views

jupyterlab-git excluded_paths Case-Sensitivity Bypass Allows Reading Excluded Directories

Summary jupyterlab-git 0.53.0 latest, 2026-04-30 uses fnmatch.fnmatchcase in GitHandler.prepare jupyterlabgit/handlers.py:91 to enforce the admin-configured excludedpaths security control. Because fnmatchcase is unconditionally case-sensitive, an authenticated user on a case-insensitive filesyste...

7.1CVSS6AI score0.00285EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/15 1:6 p.m.2 views

SUSE-SU-2026:22112-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-23254: net: gro: fix outer network offset bsc1259884. - CVE-2026-23303: smb: client: Don't log plaintext credentials in cifssetcifscreds bsc1260502. -...

9.8CVSS7.1AI score0.00514EPSS
Exploits0References125
OSV
OSV
added 2026/06/15 10:50 a.m.4 views

SUSE-SU-2026:22099-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-23254: net: gro: fix outer network offset bsc1259884. - CVE-2026-23303: smb: client: Don't log plaintext credentials in cifssetcifscreds bsc1260502. -...

9.8CVSS7.1AI score0.00514EPSS
Exploits0References125
OSV
OSV
added 2026/05/22 1:39 p.m.12 views

USN-8296-1 linux-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...

9.8CVSS6.8AI score0.0071EPSS
Exploits0References190
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ext2: Added more validation checks for inode counts. Checks were added to ensure that the number of inodes stored in the superblock matches the number calculated based on the number of inodes per group. It was also verified th...

5.5CVSS6AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not erase the value of ret in btrfsvalidatesuper. Commit 2a9bb78cfd36 “btrfs: validate the system chunk array in btrfsvalidatesuper” introduces a call to validatesyschunkarray in btrfsvalidatesuper, which erases the val...

5.5CVSS5.9AI score0.00148EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 1:54 p.m.11 views

node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

A flaw was found in node-tar, a library for Node.js. This race condition vulnerability occurs due to incomplete handling of Unicode path collisions within the path-reservations system on case-insensitive filesystems, such as macOS APFS. A remote attacker can exploit this by providing a specially...

8.8CVSS6.3AI score0.00233EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.12 views

Unity Linux 20.1060e / 20.1070e Security Update: git (UTSA-2026-017630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017630 advisory. Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files...

8CVSS7AI score0.88644EPSS
Exploits5References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43365

In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized liclogroundoff values If the superblock doesn't list a log stripe unit, we set the incore log roundoff value to 512. This leads to corrupt logs and unmountable filesystems in generic/617 on a disk with 4k...

5.7AI score0.00414EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.23 views

PT-2026-39026

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system where the l iclog roundoff value is set to 512 if the superblock does not list a log stripe unit. On disks with 4k physical sectors, this results i...

9.8CVSS5.7AI score0.03663EPSS
Exploits28References472
Rows per page
Query Builder