Lucene search
K

820 matches found

Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-52942

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the f2fs module, the f2fs sbi show function reads extension list, extension count, and hot ext count without holding the sb lock. If a concurrent sysfs store operation modifies the...

5.8AI score0.00172EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of not checking the atomicwrite status in f2fs ioctl interfaces. Some f2fs ioctl interfaces, such as f2fsiocsetpinfile, f2fsmovefilerange, and f2fsdefragmentrange, failed to check the atomicwrite status, whi...

4.7CVSS5.8AI score0.00157EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where preallocated blocks were truncated in f2fsfileopen. Chenyuwen has reported the following f2fs bugs: Unable to handle a NULL pointer dereferencing at the virtual address 0000000000000011...

5.5CVSS6.8AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to prevent race conditions during the fsyncentryslab access by multiple f2fs filesystem instances. As reported by syzbot, there is a use-after-free issue during f2fs recovery: A use-after-free occurs when...

5.5CVSS6.1AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: The issue of dereferencing a stale list iterator after the loop body has been executed has been fixed. The list iterator variable will become a bogus pointer if no break is executed. Dereferencing it in this case, cur-page...

5.5CVSS5.3AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: We can avoid a panic if the extenttree is not created. This patch prevents the following panics: pc: lookupextenttree+0xd8/0x760 lr: f2fsdowritedatapage+0x104/0x87c sp: ffffffc010cbb3c0 x29: ffffffc010cbb3e0 x28:...

5.5CVSS5.4AI score0.0024EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/17 4:12 p.m.6 views

WordPress Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin <= 1.15.43 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by Muhammad Arsalan Diponegoro tripoloski in WordPress Plugin Form Maker by 10Web versions = 1.15.43...

4.9CVSS5.9AI score0.00355EPSS
Exploits0References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 7:15 p.m.22 views

Malicious code in friendly-greeter-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab72d8364f58d27c6ba37063af62500b494b2fcb8961c1a2b40ed1d2feabdcfe friendly-greeter-demo ships two independent remote-code-execution channels that activate automatically. postinstall.js runs on npm install and...

5.8AI score
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from...

4.7CVSS5.7AI score0.00093EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/30 12:0 a.m.7 views

Optimal Routing and Link Configuration for Covert Heterogeneous Wireless Networks in the Presence of a Friendly Jammer

In modern radio networks, nodes frequently access multiple communication interfaces such as WiFi, cellular, LoRa, and Zigbee. Optimal utilization of such heterogeneous networks HetNets at link and network levels is essential for ensuring efficient and secure communication. Some applications requi...

5.8AI score
Exploits0
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.8 views

CVE-2026-46175

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...

7.1CVSS5.7AI score0.00124EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/28 7:18 a.m.76 views

LazyAdmin-Writeup

LazyAdmin-Writeup Beginner-friendly TryHackMe LazyAdmin writeu...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nodecnt competition between the destruction and write-back operations of extent nodes in f2fs...

5.8AI score0.00093EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/27 9:49 a.m.7 views

CVE-2026-42756 WordPress QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly plugin <= 3.2.7 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ludwig You QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly quickwebp allows Path Traversal.This issue affects QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly: from n...

9.9CVSS5.8AI score0.00336EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/14 9:38 a.m.12 views

WordPress Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability

Privacy-Friendly WordPress Analytics Google Analytics Alternative plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability discovered by ? in WordPress Plugin Burst Statistics versions 3.4.0-3.4.1.1...

9.8CVSS5.8AI score0.14608EPSS
Exploits10References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/08 7:48 p.m.12 views

CVE-2026-43349

A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. This vulnerability allows a local attacker to cause an uninitialized value access in the f2fssanitychecknodefooter function. This occurs when the system fails to read data from a device into a folio, potentially leading to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 2:16 p.m.9 views

UBUNTU-CVE-2026-43349

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/05/07 5:35 p.m.4 views

friendly-frame (>=0.0.1 <=0.0.2) potentially affected by CVE-2025-63704 via query-string-parser (=0.2.4)

query-string-parser NPM version =0.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on query-string-parser and may be impacted: - friendly-frame =0.0.1, =0.0.2 Source cves: CVE-2025-63704 Source advisory: SNYK:JS-QUERYSTRINGPARSER-17181191...

9.8CVSS5.4AI score0.00476EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.8 views

YARA-X 1.16.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/01 8:33 p.m.7 views

CVE-2026-31715

A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. A use-after-free vulnerability exists due to incorrect handling of page counts during concurrent write operations and unmounting. This can lead to a NULL pointer dereference, causing the system to panic and resulting in a...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
Rows per page
Query Builder