Lucene search
K

4038 matches found

Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-55865 Python Liquid: Infinite loop when parsing malformed `{% case %}` tags

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.1, given a malformed % case % tag without an associated % when % or % else % block and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time because liquid.TokenStream.eof did not give...

7.1CVSS0.00451EPSS
Exploits0References3
NVD
NVD
added 5 days ago7 views

CVE-2026-54695

Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Prior to 1.4.0, the pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without authentication, reads an attacker-supplied callSid...

7.5CVSS0.00327EPSS
Exploits1References5
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-54695 Pipecat: Telephony WebSocket `/ws` Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID

Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Prior to 1.4.0, the pipecat development runner registers a /ws WebSocket endpoint for telephony testing that accepts connections without authentication, reads an attacker-supplied callSid...

7.5CVSS0.00327EPSS
Exploits1References5
OSV
OSV
added 2026/07/01 2:16 p.m.4 views

UBUNTU-CVE-2026-53336

In the Linux kernel, the following vulnerability has been resolved: nvmem: layouts: onie-tlv: fix hang on unknown types The EEPROM on my board has a vendor specific entry of type 0x41. When stumbling upon that, this driver hangs in an endless loop. Fix it by keep incrementing the offset on unknow...

5.7AI score0.00156EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/29 7:48 a.m.5 views

CVE-2026-53279

A flaw was found in the Linux kernel's drm/gma500/oaktraillvds component. This issue occurs during the initialization of the Low-Voltage Differential Signaling LVDS display interface. Due to improper error handling, the system may attempt to deregister an I2C adapter that is still in use, causing...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back ...

5.5CVSS6AI score0.00122EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:40 p.m.6 views

CVE-2026-53279

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.8AI score0.00122EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/06/26 7:40 p.m.1 views

CVE-2026-53279 drm/gma500/oaktrail_lvds: fix hang on init failure

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/26 4:31 p.m.10 views

CVE-2026-53063

A flaw was found in the Linux kernel's device-mapper dm cache component. Incomplete logic within the invalidateremove function, which handles write operations after cache invalidation, can lead to a system hang. This occurs because the function sets up remapping for write operations but fails to...

5.5CVSS5.7AI score0.0018EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache: fix write hang in passthrough mode The invalidateremove function has incomplete logic for handling write hit bios after cache invalidation. It sets up...

6AI score0.0018EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38931

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix write hang in passthrough mode The invalidateremove function has incomplete logic for handling write hit bios after cache invalidation. It sets up the remapping for the overwritebio but then drops it immediately...

5.7AI score0.0018EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release the per-CPU pgmap reference when vminsertpage fails. When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap does not invoke percpurefput to free the per-CPU reference to pgmap acquired after...

5.5CVSS6AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: libceph: The calctarget function should set t-paused, rather than simply clearing it. Currently, calctarget clears t-paused if the request should no longer be paused. However, it never sets t-paused, even though it can determine...

5.7AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Viawdt: fixed a critical boot hang caused by unnamed resource allocation. The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: vhost-scsi: Fixed the handling of multiple calls to vhostscsisetendpoint. If vhostscsisetendpoint is called multiple times without a vhostscsiclearendpoint between them, we may encounter several bugs identified by Haoran Zhang...

7.8CVSS6.5AI score0.00183EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential block overflow issue that could cause system hangs has been fixed. When a user executes the FITRIM command, a underflow can occur when calculating nblocks, if the endblock is too small. Since nblocks is of the...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: uacce: Fixed the handling of cdev in the cleanup path. When cdevdeviceadd fails, it internally releases the cdev memory. If cdevdevicedel is then executed, it will cause a hang error. To fix this issue, we check the return value ...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51957

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the dm cache passthrough mode where the invalidate remove function contains incomplete logic for handling write hit bios following cache invalidation. The system sets ...

5.9AI score0.0018EPSS
Exploits0References15
OSV
OSV
added 2026/06/22 9:16 p.m.4 views

UBUNTU-CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled inpu...

2.1CVSS5.8AI score0.00239EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 12:34 p.m.2 views

SUSE-SU-2026:2490-1 Security update for libarchive

This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches bsc1253088. - CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop and DoS bsc1259635. - CVE-2026-4424:...

9.8CVSS7.2AI score0.01073EPSS
Exploits1References11
Rows per page
Query Builder