Lucene search
K

150 matches found

Cvelist
Cvelist
added 2026/07/03 8:19 p.m.33 views

CVE-2026-22555 Gitea organization forks can expose organization secrets without create permission

Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...

8.1CVSS0.00304EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/26 8:13 a.m.38 views

CVE-2026-11702 Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes

Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess...

0.00292EPSS
Exploits0References5
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-52980

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Clear reldeadline when initializing forked entities A yield-triggered crash can happen when a newly forked schedentity enters the fair class with se-reldeadline unexpectedly set. The failing sequence is: 1. A task is...

5.5CVSS0.00168EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/06/08 8:14 a.m.85 views

Smart_Contract_Researcher_POC

Smart Contract Security Research Portfolio hailthelord...

5.6AI score
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent inheritance of LOGSUBDOMAINSOFF in landlock. This vulnerability may cause subprocesses to...

5.8AI score0.00118EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.20 views

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1746)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1746 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE CVE-2026-23401 In the Linux kernel, the followi...

9.8CVSS6.4AI score0.00563EPSS
Exploits4References256
Amazon
Amazon
added 2026/05/26 12:0 a.m.23 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE CVE-2026-23401 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriti...

9.8CVSS6.2AI score0.00469EPSS
Exploits4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an incorrect scalar handling in the maybeforkscalars function for BPFOR. The maybeforkscalars function is called for both BPFAND and BPFOR when the source operand is a constant. When dst has a signed range of -1, 0, it...

7.8CVSS5.3AI score0.00221EPSS
Exploits2References2
Amazon
Amazon
added 2026/05/05 12:0 a.m.19 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context CVE-2026-23102 In the Linu...

9.4CVSS5.8AI score0.00433EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2026/04/23 7:29 a.m.11 views

CVE-2026-41564 CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...

5.7AI score0.00447EPSS
Exploits0References3
CVE
CVE
added 2026/04/23 7:29 a.m.31 views

CVE-2026-41564

CVE-2026-41564 concerns CryptX for Perl before 0.088, where per-object PRNG state seeded in Crypt::PK::* constructors is not reseeded after fork. A Crypt::PK::* object created before a fork can be inherited by multiple child processes with byte-identical PRNG state, enabling identical outputs in ...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/17 11:15 p.m.2 views

ruby: Properly initialize the random number generator when forking new process

The SecureRandom.randombytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an...

5CVSS7AI score0.0195EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/17 11:15 p.m.2 views

ruby: Properly initialize the random number generator when forking new process

Ruby before 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900...

5CVSS7AI score0.02088EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/17 11:15 p.m.2 views

ruby: Properly initialize the random number generator when forking new process

Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issu...

5CVSS7AI score0.02582EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/04/12 11:24 p.m.5 views

SUSE CVE-2026-31413

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...

5.7AI score0.00221EPSS
Exploits2References4
EUVD
EUVD
added 2026/04/12 6:30 a.m.9 views

EUVD-2026-21717

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...

5.7AI score0.00221EPSS
Exploits2References5
NVD
NVD
added 2026/04/12 6:16 a.m.5 views

CVE-2026-31413

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...

7.8CVSS0.00221EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2026/04/12 6:16 a.m.7 views

CVE-2026-31413

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...

7.8CVSS5.7AI score0.00221EPSS
Exploits2References6
OSV
OSV
added 2026/04/12 6:16 a.m.5 views

UBUNTU-CVE-2026-31413

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybeforkscalars for BPFOR maybeforkscalars is called for both BPFAND and BPFOR when the source operand is a constant. When dst has signed range -1, 0, it forks the verifier state: the pushed pa...

7.8CVSS5.7AI score0.00221EPSS
Exploits2References7
CVE
CVE
added 2026/04/12 5:36 a.m.62 views

CVE-2026-31413

CVE-2026-31413 — Linux kernel BPF verifier flaw (CVE-joined info from multiple sources) The issue arises in maybe_fork_scalars() when handling ARSH plus AND/OR with a constant in the BPF verifier. The code forks the verifier state; the pushed path previously used env->insn_idx + 1, so it re-ex...

7.8CVSS5.7AI score0.00221EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder