CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

GHSA-GHMH-JHMJ-WCMF nebula-mesh's stores enrollment tokens unhashed in SQLite

internal/store/sqlite.go:1177,1192,1221,1245 — the enrollmenttokens.token column holds the raw UUID token. ConsumeToken does WHERE token = ? against the raw string. Compare with operatorapikeys.keyhash, which is SHA-256 hex constructed in internal/api/middleware.go:51-53. Affected All released...

7.1CVSS5.8AI score

Exploits0References2

RedHat Linux•added last week•7 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.1AI score0.00129EPSS

Exploits0References5

RedHat Linux•added last week•6 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

7.8CVSS6.1AI score0.00129EPSS

Exploits0References5

SUSE CVE•added 2026/05/28 3:52 a.m.•6 views

SUSE CVE-2026-46090

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopbackcheckformat may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa62e3 "ALSA: aloop: Fix...

7CVSS5.7AI score0.00129EPSS

Exploits0References16

RedhatCVE•added 2026/05/27 5:7 p.m.•9 views

CVE-2026-46090

7.8CVSS6AI score0.00129EPSS

Exploits0References4

NVD•added 2026/05/27 2:17 p.m.•13 views

CVE-2026-46090

7.8CVSS0.00129EPSS

Exploits0References6

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-46090

7.8CVSS5.7AI score0.00129EPSS

Exploits0References3

Debian CVE•added 2026/05/27 12:58 p.m.•8 views

CVE-2026-46090

7.8CVSS5.7AI score0.00129EPSS

Exploits0

Cvelist•added 2026/05/27 12:58 p.m.•41 views

CVE-2026-46090 ALSA: aloop: Fix peer runtime UAF during format-change stop

7.8CVSS0.00129EPSS

Exploits0References6

ATTACKERKB•added 2026/05/27 12:58 p.m.•7 views

CVE-2026-46090

7.8CVSS5.7AI score0.00129EPSS

Exploits0References7Affected Software1

EUVD•added 2026/05/27 12:58 p.m.•10 views

EUVD-2026-32473

5.8AI score0.00129EPSS

Exploits0References4

CVE•added 2026/05/27 12:58 p.m.•26 views

CVE-2026-46090

CVE-2026-46090 affects the Linux kernel ALSA aloop driver. A use-after-free in loopback_check_format() can occur when playback starts with parameters that no longer match a running capture stream, while a concurrent close may detach or free the runtime. The issue arises after a patch that moved t...

7.8CVSS5.8AI score0.00129EPSS

Exploits0References6Affected Software1

UbuntuCve•added 2026/05/27 12:0 a.m.•6 views

CVE-2026-46090

ALSA: aloop: Fix peer runtime UAF during format-change stop...

7.8CVSS5.8AI score0.00129EPSS

Exploits0References2

Positive Technologies•added 2026/05/27 12:0 a.m.•10 views

PT-2026-43958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the ALSA loopback driver. The loopback check format function may stop the capture side when playback starts with parameters that do not match a runni...

7.8CVSS5.9AI score0.00129EPSS

Exploits0

Tenable Nessus•added 2026/05/27 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: aloop: Fix peer runtime UAF during format-change stop loopbackcheckformat may stop the capture side when playback starts with parameters that no longer...

7.8CVSS6.6AI score0.00129EPSS

Exploits0References4

OSV•added 2026/05/18 1:27 p.m.•7 views

GHSA-QW48-84F6-28GV Graphite Has a Pickle Deserialization Vulnerability

Impact Type of vulnerability: Insecure Deserialization via Python's pickle module. Who is impacted: Users of Graphite graph database engine versions before 0.2 who load database files from untrusted or third-party sources. An attacker could craft a malicious database file that executes arbitrary...

7.8CVSS6AI score

Exploits0References3

Positive Technologies•added 2026/05/14 12:0 a.m.•12 views

PT-2026-41139

Impact A Python operator precedence bug in pyzipper/zipfile aes.py caused the AE-2 format to never be automatically selected during encryption, regardless of file size or compression type. As a result, all encrypted entries are written in AE-1 format unless AE-2 is explicitly forced by the caller...

6.2CVSS5.8AI score0.00009EPSS

Exploits0References4

AstraLinux•added 2025/02/11 7:35 a.m.•2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: rcu: Buffer overflow in printcpustallinfo The output from printcpustallinfo may cause a buffer overflow if there is a significant difference in “jiffies”. This might seem unlikely, but computers sometimes get time calculations...

7.1CVSS6.5AI score0.00252EPSS

Exploits0References3

Citrix•added 2024/07/03 12:0 a.m.•12 views

New Support Website - July 15th 2024

New Support Website - July 15th 2024 Support.Citrix.com is migrating to a new platform. This is the main website for hosting public CTX knowledge articles and for customers to create and view their support cases. This new platform will launch on July 15th 2024 Callback and LiveChat are dependent ...

6.9AI score

Exploits0

OSV•added 2024/04/10 7:15 p.m.•1 views

UBUNTU-CVE-2021-47216

In the Linux kernel, the following vulnerability has been resolved: scsi: advansys: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsigned long' and printed with %lx. Change %lx to %p to print the hashed pointer...

5.5CVSS6.2AI score0.00226EPSS

Exploits0References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by