Lucene search
K

960 matches found

OSV
OSV
added last week3 views

PYSEC-2026-1008 `CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

Impact If SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash. python import tensorflow as tf tf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None Patches We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be...

4.8CVSS6.9AI score0.0044EPSS
Exploits1References7
Fedora
Fedora
added 2026/07/04 12:51 a.m.7 views

[SECURITY] Fedora 44 Update: leptonica-1.87.0-4.fc44

The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...

9.8CVSS6.8AI score0.01735EPSS
Exploits0
OSV
OSV
added 2026/07/02 2:13 p.m.2 views

PYSEC-2026-704 Out-of-bounds Write in OpenCV

OpenCV Open Source Computer Vision Library through 3.3 corresponding to opencv-python and opencv-contrib-python through 3.3.0.9 has an out-of-bounds write error in the function FillColorRow1 in utils.cpp when reading an image file by using cv::imread...

8.8CVSS6.8AI score0.0197EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/07/01 4:54 p.m.7 views

CVE-2026-53327

A flaw was found in the Linux kernel's debugobjects functionality. On systems with Real-Time RT enabled kernels, the fillpool function can lead to a system assertion if a task is already blocked on a lock, causing corruption of the priority inheritance chain. This issue can result in a Denial of...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53327

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fillpool if piblockedon On RT enabled kernels, fillpool ends up calling rtlocklock, which asserts if current::piblockedon is set, because a task can obviously only block on one lock as otherwise the priority...

0.00172EPSS
Exploits0References6
OSV
OSV
added 2026/07/01 2:16 p.m.4 views

UBUNTU-CVE-2026-53326

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...

5.7AI score0.00172EPSS
Exploits0References6
OSV
OSV
added 2026/07/01 2:16 p.m.4 views

UBUNTU-CVE-2026-53327

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fillpool if piblockedon On RT enabled kernels, fillpool ends up calling rtlocklock, which asserts if current::piblockedon is set, because a task can obviously only block on one lock as otherwise the priority...

5.7AI score0.00172EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/01 1:32 p.m.38 views

CVE-2026-53327 debugobjects: Do not fill_pool() if pi_blocked_on

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fillpool if piblockedon On RT enabled kernels, fillpool ends up calling rtlocklock, which asserts if current::piblockedon is set, because a task can obviously only block on one lock as otherwise the priority...

0.00172EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.5 views

CVE-2026-53327

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Do not fillpool if piblockedon On RT enabled kernels, fillpool ends up calling rtlocklock, which asserts if current::piblockedon is set, because a task can obviously only block on one lock as otherwise the priority...

5.7AI score0.00172EPSS
Exploits0
CVE
CVE
added 2026/07/01 1:32 p.m.20 views

CVE-2026-53327

CVE-2026-53327 affects the Linux kernel, specifically the debugobjects path related to fill_pool() on RT-enabled kernels. The root cause is that fill_pool() may invoke rtlock_lock() while current::pi_blocked_on is set, which can trigger an assertion because a task should block on only one lock to...

5.8AI score0.00172EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.6 views

CVE-2026-53326

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...

5.7AI score0.00172EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:32 p.m.6 views

CVE-2026-53326

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...

5.7AI score0.00172EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.12 views

RHEL 7 : poppler (RHSA-2026:30044)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:30044 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppl...

7.8CVSS7.3AI score0.00252EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

RHEL 7 : compat-poppler022 (RHSA-2026:29952)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:29952 advisory. Compatibility package with poppler 0.22 libraries. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to...

7.8CVSS7.3AI score0.00252EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 5:24 p.m.6 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS7.3AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 5:24 p.m.9 views

Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS7.2AI score0.00252EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/25 3:5 p.m.4 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 3:5 p.m.6 views

Important: Red Hat Security Advisory: compat-poppler022 security update

An update for compat-poppler022 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 9:16 p.m.8 views

CVE-2026-33235

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service DoS attack. While the backend implements a SandboxedEnvironment to prevent...

7.7CVSS0.0031EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 8:52 p.m.24 views

CVE-2026-33235

AutoGPT is vulnerable to Denial of Service in the Fill Text Template block prior to v0.6.52. Although a SandboxedEnvironment blocks certain attributes (e.g., class ), it does not cap the computational complexity or execution time of Python/Jinja2 expressions, allowing crafted inputs to exhaust CP...

7.7CVSS5.8AI score0.0031EPSS
Exploits0References2
Rows per page
Query Builder