Lucene search
K

19 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: q6apm: moved component registration to unmanaged version The q6apm component registers DAIS dynamically from ASoC toplology. These resources are allocated using device-managed API methods. Assigning both components...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007279)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007279 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: free qvectors before queues in iavfdisablevf iavffreequeues clears adapter-numactivequeues,...

5.5CVSS6AI score0.00235EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.3 views

PT-2026-30124

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommu sva unbind device domain-mm-iommu mm can be freed by iommu domain free: iommu domain free mmdrop mmdrop mm pasid drop After iommu domain free returns, accessing domain-mm-iommu mm may dereference a...

5.8AI score0.00127EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.7 views

PT-2025-51595

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the iwlwifi module, specifically in the iwl mld remove link function. The code frees a memory location referred to as "link" using kfree rcu, and...

5.5AI score0.00544EPSS
Exploits4References385
Tenable Nessus
Tenable Nessus
added 2025/10/20 12:0 a.m.6 views

Oracle Linux 10 : kernel (ELSA-2025-18318)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18318 advisory. - scsi: lpfc: Fix buffer free/clear order in deferred receive path CKI Backport Bot RHEL-119125 CVE-2025-39841 - efivarfs: Fix slab-out-of-bounds in...

7.8CVSS7.2AI score0.0018EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/10/19 6:43 a.m.13 views

CVE-2025-11517

The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...

7.5CVSS6AI score0.0037EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/18 9:30 a.m.6 views

EUVD-2025-34982

The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...

7.5CVSS5.5AI score0.0037EPSS
Exploits0References3
NVD
NVD
added 2025/10/18 7:15 a.m.8 views

CVE-2025-11517

The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...

7.5CVSS0.0037EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/18 6:42 a.m.4 views

CVE-2025-11517 Event Tickets and Registration <= 5.26.5 - Unauthenticated Ticket Payment Bypass

The Event Tickets and Registration plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 5.26.5. This is due to the /wp-json/tribe/tickets/v1/commerce/free/order endpoint not verifying that a ticket type should be free allowing the user to bypass the payment...

7.5CVSS5.6AI score0.0037EPSS
Exploits0References2
CVE
CVE
added 2025/10/18 6:42 a.m.30 views

CVE-2025-11517

CVE-2025-11517 affects the WordPress plugin “Event Tickets and Registration” (

7.5CVSS5.6AI score0.0037EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/09/21 8:2 a.m.5 views

scsi: lpfc: Fix buffer free/clear order in deferred receive path

...

7.8CVSS6.8AI score0.00167EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/17 5:34 p.m.4 views

CVE-2022-50355

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...

5.5CVSS5.9AI score0.0019EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/09/17 2:56 p.m.4 views

CVE-2022-50355

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...

5.5CVSS5.4AI score0.0019EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/09/16 8:6 a.m.3 views

CVE-2023-53263 drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveauconnectorcreate We can't simply free the connector after calling drmconnectorinit on it. We need to clean up the drm side first. It might not fix all regressions fr...

8.2AI score0.00147EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/08/27 3:33 p.m.2 views

kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freeing in the ishtphidremove...

7.8CVSS6.8AI score0.00203EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/05 6:1 p.m.3 views

kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freeing in the ishtphidremove...

7.8CVSS6.8AI score0.00203EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.5 views

PT-2025-49373

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s handling of page faults within secret memory files created using memfd secret2. Concurrent page faults in the same page by multiple tasks can lead to ...

4.6CVSS6.2AI score0.00179EPSS
Exploits0
OSV
OSV
added 2024/08/17 10:15 a.m.2 views

DEBIAN-CVE-2024-43856

In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent dmamfreecoherent frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devresdestroy to remove and free the data structure used to track the DMA allocation...

5.5CVSS5.5AI score0.00398EPSS
Exploits0References1
OSV
OSV
added 2024/02/29 3:52 p.m.9 views

CVE-2024-26619 riscv: Fix module loading free order

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix module loading free order Reverse order of kfree calls to resolve use-after-free error...

7.8CVSS6.6AI score0.00275EPSS
Exploits0References5
Rows per page
Query Builder