CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

116 matches found

Linux Distros Unpatched Vulnerability : CVE-2026-45876

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded...

5.7AI score0.00022EPSS

Exploits0References2

EUVD•added 2026/05/27 3:33 p.m.•2 views

EUVD-2026-32342

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

5.8AI score0.00022EPSS

Exploits0References4

OSV•added 2026/05/27 2:17 p.m.•1 views

UBUNTU-CVE-2026-45876

5.7AI score0.00022EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:16 p.m.•32 views

CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

0.00022EPSS

Exploits0References3

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

PT-2026-43743

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in arch set shadow stack status alloc gcs returns an error-encoded pointer on failure, which comes from do mmap, not NULL. The current NULL check fails to detect errors, which could lead to using an...

5.8AI score0.00022EPSS

Exploits0References4

CNNVD•added 2026/05/27 12:0 a.m.•6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of NULL pointer checks in the archsetshadowstackstatus function within the arm64 GCS...

5.8AI score0.00022EPSS

Exploits0References3

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: gcs: Do not set PTESHARED on GCS mappings if FEATLPA2 is enabled When FEATLPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bits 50-51 of the output address. The PAGEGCS,RO definitions include th...

5.5CVSS5.7AI score0.00017EPSS

Exploits0References1

OSV•added 2026/05/12 8:38 a.m.•3 views

BIT-ARGO-WORKFLOWS-2026-42295 Argo Workflows: Exposure of artifact repository credentials

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, the workflow executor logs all artifact repository credentials S3 access keys, secret keys, GCS service account keys, Azure account keys, Gi...

8.5CVSS5.7AI score0.00042EPSS

Exploits1References3

Cvelist•added 2026/05/04 4:37 p.m.•24 views

CVE-2026-42811 Apache Polaris: could broaden vended GCS credentials through unescaped identifier content in access-boundary CEL conditions

In plain terms, Apache Polaris is supposed to issue short-lived GCS credentials that only work for one table's files, but a crafted namespace or table name can cause those credentials to work across the configured bucket instead. Apache Polaris builds Google Cloud Storage downscoped credentials b...

9.9CVSS0.00114EPSS

Exploits0References1

EUVD•added 2026/05/04 4:37 p.m.•1 views

EUVD-2026-27038

9.9CVSS5.7AI score0.00114EPSS

Exploits0References1

Positive Technologies•added 2026/05/04 12:0 a.m.•3 views

PT-2026-37193

Name of the Vulnerable Software and Affected Versions Argo Workflows versions 4.0.0 through 4.0.4 Description The workflow executor logs artifact repository credentials in plaintext during artifact operations. This occurs because the logging driver passes the entire ArtifactDriver struct to the...

8.5CVSS5.8AI score0.00042EPSS

Exploits1References13

SUSE CVE•added 2026/03/25 4:55 p.m.•1 views

SUSE CVE-2026-23345

5.5CVSS5.8AI score0.00017EPSS

Exploits0References3

NVD•added 2026/03/25 11:16 a.m.•0 views

CVE-2026-23345

5.5CVSS0.00017EPSS

Exploits0References3

UbuntuCve•added 2026/03/25 11:16 a.m.•3 views

CVE-2026-23345

5.5CVSS5.8AI score0.00017EPSS

Exploits0References5

OSV•added 2026/03/25 11:16 a.m.•0 views

UBUNTU-CVE-2026-23345

5.5CVSS5.7AI score0.00017EPSS

Exploits0References6

OSV•added 2026/03/25 10:27 a.m.•1 views

CVE-2026-23345 arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled

5.5CVSS5.8AI score0.00017EPSS

Exploits0References6

Cvelist•added 2026/03/25 10:27 a.m.•15 views

CVE-2026-23345 arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled

0.00017EPSS

Exploits0References3

CVE•added 2026/03/25 10:27 a.m.•5 views

CVE-2026-23345

The CVE-2026-23345 issue affects the Linux kernel on ARM64 with Graphics Control System (GCS) mappings when FEAT_LPA2 is enabled. The root cause is incorrect handling of PTE_SHARED bits in GCS memory mappings, which can trigger a kernel panic (DoS) due to a bad page table translation. The recomme...

5.5CVSS5.7AI score0.00017EPSS

Exploits0References3Affected Software1

Debian CVE•added 2026/03/25 10:27 a.m.•1 views

CVE-2026-23345

5.5CVSS5.2AI score0.00017EPSS

Exploits0

Positive Technologies•added 2026/03/25 12:0 a.m.•2 views

PT-2026-27710

In the Linux kernel, the following vulnerability has been resolved: arm64: gcs: Do not set PTE SHARED on GCS mappings if FEAT LPA2 is enabled When FEAT LPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bits 50-51 of the output address. The PAGE GCS, RO definitions inclu...

5.7AI score0.00017EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by