Lucene search
K

275 matches found

NVD
NVD
added 2026/07/08 10:17 p.m.6 views

CVE-2026-54777

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF NetNamedPipe transport accepts attachment to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic when an attacker races NamedPipeListen...

6.5CVSS0.00088EPSS
Exploits0References5
NVD
NVD
added 2026/07/01 3:17 p.m.10 views

CVE-2026-6684

FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...

4.6CVSS0.00205EPSS
Exploits2References4
EUVD
EUVD
added 2026/07/01 1:45 p.m.7 views

EUVD-2026-40994

FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...

4.6CVSS5.8AI score0.00205EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:45 p.m.7 views

CVE-2026-6684

FatFs prior to R0.16 that use GPT scanning with 'FFLBA64 = 1' contains an issue where an unbounded loop count derived from GPT header field GPTHPtNum, enabling extremely long or effectively infinite mount-time scans. This maps to CWE-835 Loop with Unreachable Exit Condition. Estimated CVSS v3.1...

4.6CVSS5.8AI score0.00205EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.7 views

PT-2026-54926

Name of the Vulnerable Software and Affected Versions FatFs versions prior to R0.16 Description An issue exists when using GPT scanning with FF LBA64 = 1 where an unbounded loop count is derived from the GPT header field GPTH PtNum. This can lead to extremely long or effectively infinite scans...

4.6CVSS6.1AI score0.00205EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open ksmbdlookupfdcguid returns a ksmbdfile with its refcount incremented via ksmbdfpget...

5.5CVSS6.2AI score0.00188EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 12:3 a.m.5 views

CVE-2026-52996

A flaw was found in the ksmbd component of the Linux kernel. This vulnerability occurs when handling durable v2 open requests where a ClientGUID mismatch happens. An attacker can repeatedly send requests that trigger this mismatch, leading to a resource leak by preventing file descriptor referenc...

5.5CVSS5.8AI score0.00188EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-52996

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open ksmbdlookupfdcguid returns a ksmbdfile with its refcount incremented via ksmbdfpget. parsedurablehandlecontext in the DURABLEREQV2 case properly releases this...

5.5CVSS0.00188EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-52996

Technical details are not publicly available in the provided documents. Monitor for updates.

5.5CVSS6AI score0.00188EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/24 4:29 p.m.4 views

CVE-2026-52996 ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open ksmbdlookupfdcguid returns a ksmbdfile with its refcount incremented via ksmbdfpget. parsedurablehandlecontext in the DURABLEREQV2 case properly releases this...

5.5CVSS6AI score0.00188EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51890

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the ksmbd component of the Linux kernel during the durable v2 open process. When the parse durable handle context function handles a DURABLE REQ V2 request, it...

5.5CVSS5.9AI score0.00188EPSS
Exploits0References18
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support for specifying the srptserviceguid parameter. The current behavior is that setting this parameter while loading the ibsrpt kernel module triggers a kernel crash. BUG: Kernel NULL pointer dereferencing, address:...

5.5CVSS6.2AI score0.00255EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.11 views

SUSE SLED15 / SLES15 Security Update : python-Pygments (SUSE-SU-2026:1667-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1667-1 advisory. - CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796. Tenab...

4.8CVSS5.8AI score0.00156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.3 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Pygments (SUSE-SU-2026:1666-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1666-1 advisory. - CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS...

4.8CVSS5.8AI score0.00156EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/30 5:22 p.m.3 views

Security update for python-Pygments

This update for python-Pygments fixes the following issues: CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...

3.3CVSS5.8AI score0.00156EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/30 5:22 p.m.3 views

Security update for python-Pygments

This update for python-Pygments fixes the following issues: CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS bsc1260796. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypp...

3.3CVSS5.8AI score0.00156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007029)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007029 advisory. In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as...

7.1CVSS5.6AI score0.00152EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.12 views

CVE-2026-40306

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affect upgrades from 9.x.x. Version 10.2.2 patches the issue...

6.9CVSS5.8AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/04/17 10:16 p.m.8 views

CVE-2026-40306

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affect upgrades from 9.x.x. Version 10.2.2 patches the issue...

6.9CVSS0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/17 9:9 p.m.3 views

CVE-2026-40306

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. All new installations of DNN 10.x.x - 10.2.1 have the same Host GUID. This does not affect upgrades from 9.x.x. Version 10.2.2 patches the issue...

6.9CVSS5.8AI score0.00175EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder