Lucene search
K

702 matches found

RedhatCVE
RedhatCVE
added 6 days ago8 views

CVE-2026-53228

A flaw was found in the Linux kernel's Simple Internet Transition SIT tunnel driver for IPv6. When processing network traffic with Generic Segmentation Offload GSO enabled, the driver may use a stale pointer to the inner IPv6 header after the socket buffer skb head has been reallocated. This can...

9.8CVSS5.8AI score0.00559EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-53189

A flaw was found in the Linux kernel's memory management, specifically within the huge page mechanism. When a huge page is split, the system updates a counter after releasing a reference to the memory. This timing issue can lead to the system attempting to read from memory that has already been...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 8:1 p.m.21 views

CVE-2026-7531 Use-after-free in PQC hybrid key-share handling

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

2.3CVSS0.00346EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 5:1 p.m.5 views

CVE-2026-57236

A flaw was found in Nokogiri, an XML and HTML library for Ruby. When an attacker provides an invalid encoding to the Documentencoding= function, the library frees the document's current encoding string without replacing it. This leaves the document referencing freed memory, which can lead to a...

8.2CVSS5.7AI score0.00331EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/23 8:6 p.m.5 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
Redos
Redos
added 2026/06/23 12:0 a.m.5 views

ROS-20260623-73-0042

The vulnerability of the bytes.decode function in the CPython interpreter relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

9.1CVSS6.2AI score0.00579EPSS
Exploits0
Snyk
Snyk
added 2026/06/19 7:34 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the optsymbolkeysset. An attacker can cause the application to read from freed memory by toggling the symbolkeys option from true to false on a reused parser instance and then invoking the parse method. Remediation...

8.7CVSS5.9AI score0.00428EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Added NULL checks when resetting request and reply queues. The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creatio...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.33 views

PT-2026-50769

Name of the Vulnerable Software and Affected Versions pam usb versions 0.9.1 and earlier Description The xfree memory release helper calls free without zeroing buffer contents first. This results in heap-allocated buffers containing sensitive data, such as one-time pad bytes read from disk, being...

4.7CVSS6AI score0.00109EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/13 12:34 a.m.9 views

EUVD-2026-36630

Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...

5.3AI score0.00118EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 9:57 p.m.17 views

CVE-2026-41158

Summary of CVE-2026-41158: The vulnerability concerns GPU DDK where backed sparse PMRs are not handled by the deferred free mechanism after shrink, allowing a non-privileged user to perform GPU system calls that write to arbitrarily freed physical pages. The root cause is that physical memory all...

7.8CVSS5.3AI score0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-49023

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Software installed and run as a non-privileged user may perform GPU system calls to write to arbitrary freed physical pages. This occurs because physical memory...

5.2AI score0.00118EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/08 4:28 p.m.9 views

CVE-2026-46274

A flaw was found in the Linux kernel's input/output work queue io-wq component. This vulnerability occurs because the system incorrectly handles work queue entries, leading to a stale pointer. A local attacker could exploit this issue by manipulating work queue operations. Successful exploitation...

7.8CVSS5.4AI score0.00138EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:3 a.m.7 views

CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

5.9AI score0.0031EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the accidental reuse of freed memory due to an unexpected GFN in KVM x86 shadow paging...

8.8CVSS5.8AI score0.00126EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/27 10:18 p.m.8 views

CVE-2026-45984

A flaw was found in the Linux kernel's GFS2 filesystem. This memory corruption vulnerability, a use-after-free, occurs in the iomap inline data write path. The issue arises because a data buffer is released prematurely while still being referenced, leading to a write to freed memory. This could...

7.8CVSS5.9AI score0.0031EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/21 3:29 p.m.14 views

CVE-2026-43497

A flaw was found in the Linux kernel's udlfb driver. This use-after-free vulnerability occurs because the dlfbopsmmap function does not properly track active memory mappings. When the framebuffer is reallocated, existing memory page table entries PTEs are not invalidated. This allows a local...

7.3CVSS6.3AI score0.00113EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.13 views

Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2026-1699)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1699 advisory. When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. CVE-2026-3805 Tenable has extracted the preceding description block...

7.5CVSS7.1AI score0.00715EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.13 views

SUSE CVE-2026-43473

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation o...

5.8AI score0.00114EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of freed percpu statistics information during the removenhgrpentry function. This could...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References1
Rows per page
Query Builder