Lucene search
K

363 matches found

CNNVD
CNNVD
added 2026/02/14 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the overly strict threshold for dirty page requirements during metadata write operations,...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References2
OSV
OSV
added 2026/02/04 4:16 p.m.7 views

UBUNTU-CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.7AI score0.00161EPSS
Exploits0References29
Snyk
Snyk
added 2026/02/02 10:3 p.m.4 views

Incorrect Control Flow Scoping

Overview Affected versions of this package are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This can cause a...

4.8CVSS5.8AI score0.00112EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ATA: patavia: Force PIO for ATAPI devices on VT6415/VT6330. The controller has a hardware bug that can cause the system to hang unexpectedly when performing ATAPI DMA operations, with no clear indication of what happened. Dependi...

5.5CVSS6.3AI score0.00162EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-40995)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40995 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: fix possible infinite...

5.5CVSS6.7AI score0.00286EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/20 10:47 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Server: DDL component. An attacker can cause the application to hang or crash repeatedly by sending crafted requests over multiple protocols with high privileges. Remediation...

6.9CVSS5.5AI score0.00337EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unnamed resource allocation that could cause critical boot hangs...

5.5CVSS6.3AI score0.00123EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between wbtenabledefault and an IO commit, which could lead to counter inconsistencies and...

5.8AI score0.00155EPSS
Exploits0References2
OSV
OSV
added 2026/01/08 7:51 p.m.7 views

GHSA-87HC-H4R5-73F7 Werkzeug safe_join() allows Windows special device names with compound extensions

Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory. Windows still accepts them with any file extensio...

6.3CVSS5.8AI score0.00424EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-6117

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw exists in the libceph component of the Linux kernel related to request pausing and watch re-establishment. Specifically, the calc target function does not consistently set the...

5.4AI score0.00161EPSS
Exploits0
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not setting the AXI clock as critical, which could lead to bus timeouts and system hangs...

6.1AI score0.00158EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/13 12:0 a.m.9 views

FreeBSD : github-release-monitor -- multiple vulnerabilities (7a1bd1ca-cf40-41e2-9c5f-143a0d4b17af)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7a1bd1ca-cf40-41e2-9c5f-143a0d4b17af advisory. https://nextjs.org/blog/security-update-2025-12-11 reports: A specifically crafted HTTP reques...

7.5CVSS6.5AI score0.65592EPSS
Exploits13References4
Snyk
Snyk
added 2025/12/11 10:36 p.m.12 views

Deserialization of Untrusted Data

Overview react-server-dom-turbopack is a React Server Components bindings for DOM using Turbopack. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to unsaf...

8.7CVSS6.7AI score0.65592EPSS
Exploits13References2
EUVD
EUVD
added 2025/12/09 6:30 p.m.4 views

EUVD-2023-60151

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfsmdtgetblock If the disk image that nilfs2 mounts is corrupted and a virtual block address obtained by block lookup for a metadata file is invalid, nilfsbmaplookupatlevel may return the same...

6.2AI score0.00225EPSS
Exploits0References10
OSV
OSV
added 2025/12/09 4:17 p.m.5 views

UBUNTU-CVE-2025-40332

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

5.7AI score0.00192EPSS
Exploits0References11
OSV
OSV
added 2025/12/09 12:0 a.m.5 views

CVE-2023-53797 HID: wacom: Use ktime_t rather than int when dealing with timestamps

In the Linux kernel, the following vulnerability has been resolved: HID: wacom: Use ktimet rather than int when dealing with timestamps Code which interacts with timestamps needs to use the ktimet type returned by functions like ktimeget. The int type does not offer enough space to store these...

6.4AI score0.00179EPSS
Exploits0References10
SUSE Linux
SUSE Linux
added 2025/12/03 12:34 p.m.4 views

Security update for cups

This update for cups fixes the following issues: The fix for CVE-2025-58436 causes a regression where GTK applications will hang. bsc1254353 See also https://github.com/OpenPrinting/cups/issues/1429 The fix has been temporary disabled. Patch Instructions: To install this SUSE update use the SUSE...

8.2CVSS7AI score0.00195EPSS
Exploits1References4
Snyk
Snyk
added 2025/11/29 3:39 a.m.4 views

Improper Handling of Windows Device Names

Overview Affected versions of this package are vulnerable to Improper Handling of Windows Device Names via the safejoin function. An attacker can cause the application to hang indefinitely by requesting a path ending with a Windows special device name, e.g. CON or NUL. Note: This is only vulnerab...

6.3CVSS6.8AI score0.00474EPSS
Exploits0References2
OSV
OSV
added 2025/11/29 3:16 a.m.6 views

ALPINE-CVE-2025-66221

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory...

5.3CVSS5.3AI score0.00474EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990848)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990848 advisory. In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Check device status before requesting flush If a pmem device is in a bad status, the...

5.5CVSS6.4AI score0.00227EPSS
Exploits0References3
Rows per page
Query Builder