Lucene search
+L

5343 matches found

Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-58505

Name of the Vulnerable Software and Affected Versions Windows DHCP Server affected versions not specified Description A double free issue exists in the Windows DHCP Server, which could allow an authorized attacker to execute arbitrary code over a network. A double free occurs when the program...

7.5CVSS6.3AI score0.00618EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 5 days ago6 views

kernel: nvmet-tcp: fix race between ICReq handling and queue teardown

A flaw was found in the Linux kernel's NVMe over TCP nvmet-tcp implementation. A race condition exists between the handling of an Initialization Connection Request ICReq and the teardown of a queue. A remote attacker, by sending an ICReq and immediately closing the connection, could trigger a...

9.8CVSS6.1AI score0.00353EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 12:5 p.m.6 views

RLSA-2026:34355 Moderate: mod_http2 security, bug fix, and enhancement update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: modhttp2: Apache HTTP Server modhttp2: Use After Free vulnerability allows arbitrary code execution or denial of service. CVE-2026-48913 httpd: Apache HTTP Server:...

7.3CVSS6.6AI score0.00525EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/07 12:38 a.m.6 views

CVE-2026-14604

A flaw was found in Open Asset Import Library Assimp. This vulnerability, a double free, exists within the PLY Model Handler component. A remote attacker could exploit this flaw by manipulating PLY model files, leading to a denial of service and making the application unavailable. Mitigation To...

6.5CVSS6AI score0.00233EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/06 11:15 a.m.40 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/06 11:15 a.m.6 views

CVE-2025-15667

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 6:27 a.m.6 views

OESA-2026-2848 alsa-lib security update

The alsa-lib is a library to interface with ALSA in the Linux kernel and virtual devices using a plugin system. More detail: https://alsa.opensrc.org/Alsa-lib Security Fixes: The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in...

7CVSS6AI score0.00138EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-58381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file...

6.1CVSS6.2AI score0.00118EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/01 4:54 p.m.7 views

Moderate: Red Hat Security Advisory: mod_http2 security, bug fix, and enhancement update

An update for modhttp2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.3CVSS6.4AI score0.00525EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-14102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS6.2AI score0.00253EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 p.m.6 views

DEBIAN-CVE-2026-13775

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.8CVSS5.8AI score0.00314EPSS
Exploits0References1
OSV
OSV
added 2026/06/28 8:50 a.m.3 views

SUSE-SU-2026:22291-1 Security update for alsa

This update for alsa fixes the following issue - CVE-2026-56109: double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory bsc1268853...

7CVSS5.8AI score0.00138EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 4:17 a.m.14 views

CVE-2026-55653

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange DH-GEX client path. This occurs during FIPS Federal Information Processing Standards mode known-group validation when the client processes attacker-controlled DH-GEX...

6.5CVSS0.00242EPSS
Exploits1References3
OSV
OSV
added 2026/06/11 12:0 a.m.14 views

ALSA-2026:25217 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

9.8CVSS5.5AI score0.00563EPSS
Exploits0References24
EUVD
EUVD
added 2026/06/10 9:22 p.m.10 views

EUVD-2026-36155

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue...

6.2CVSS5.4AI score0.00301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.12 views

CVE-2026-34867

Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability...

5.6CVSS5.4AI score0.00088EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 4:3 p.m.13 views

RLSA-2026:19154 Important: giflib security update

giflib is a library for reading and writing gif images. Security Fixes: giflib: Giflib: Double-free vulnerability leading to memory corruption CVE-2026-23868 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to th...

7CVSS7.1AI score0.00144EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/05/29 4:3 p.m.18 views

giflib security update

An update is available for giflib. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list giflib is a library for reading and writing gif images. Security Fixes: gifli...

7CVSS5.8AI score0.00144EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.53 views

Amazon Linux 2023 : mod_http2 (ALAS2023-2026-1724)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1724 advisory. Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes...

8.8CVSS5.8AI score0.4581EPSS
Exploits16References4
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.23 views

RHEL 9 : kernel (RHSA-2026:20593)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20593 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: fix UAF in procgetinode...

8.1CVSS7.3AI score0.03663EPSS
Exploits17References16
Rows per page
Query Builder