28 matches found
EUVD-2026-38964
In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path. The DEVMAP_HASH branch in dev_map_redirect_multi() uses hlist_for_each_entry_safe() to iterate hash buckets, but this function runs under RCU protection called from...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fixed the use-after-free issue in gtp_dellink(). Since the call_rcu() function, which is called during the hlist_for_each_entry_rcu() traversal of gtp_dellink(), is not part of the RCU read critical section, it is possible that the RC...
SUSE CVE-2026-46242
In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF. epremove via epremovefile cleared file->f_ep under file->f_lock but then kept using @file inside the critical section (is_file_epoll(), hlist_del_rcu() through the head, spin_unlock()). A...
EUVD-2026-33459
In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF. epremove via epremovefile cleared file->f_ep under file->f_lock but then kept using @file inside the critical section (is_file_epoll(), hlist_del_rcu() through the head, spin_unlock()). A...
CVE-2026-46116
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in xfrmstatedelete. KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlist_del_rcu() calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...
UBUNTU-CVE-2026-46116
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in xfrmstatedelete. KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlist_del_rcu() calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...
EUVD-2026-32875
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in xfrmstatedelete. KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlist_del_rcu() calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...
PT-2026-44239
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.47. Description: A slab-use-after-free and out-of-bounds write issue exists in the Linux kernel's xfrm module. The problem occurs within the xfrm state delete function, where unhashing of byseq and byspi lists...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: raw: Fixed NULL dereference in raw_get_next(). Dae R. Jeong reported a NULL dereference in raw_get_next(). It seems that the reproduction test was running these sequences in parallel, so one thread was iterating over a socket that was...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013550)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013550 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit. The caller of del_timer_sync() must...
CVE-2023-53987
A flaw was found in the Linux kernel. A local attacker could exploit a potential NULL dereference vulnerability in the ping socket handling when accessing /proc/net/icmp. This issue arises from an incorrect use of Read-Copy Update (RCU) instead of a spinlock. Successful exploitation of this flaw...
CVE-2023-53987 ping: Fix potential NULL deref for /proc/net/icmp.
In the Linux kernel, the following vulnerability has been resolved: ping: Fix potential NULL deref for /proc/net/icmp. After commit dbca1596bbb0 ("ping: convert to RCU lookups, get rid of rwlock"), we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...
EUVD-2025-201639
In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattr_key() uses the pointer variable in the loop condition rather than dereferencing it. As...
CVE-2025-40306 orangefs: fix xattr related buffer overflow...
In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattr_key() uses the pointer variable in the loop condition rather than dereferencing it. As...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986532)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986532 advisory. In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink(). Since call_rcu(), which is called in the...
EUVD-2023-59778
Malicious code in bioql PyPI...
SUSE CVE-2023-53198
In the Linux kernel, the following vulnerability has been resolved: raw: Fix NULL deref in raw_get_next(). Dae R. Jeong reported a NULL deref in raw_get_next() [0]. It seems that the repro was running these sequences in parallel so that one thread was iterating on a socket that was being freed in another...
CVE-2023-53198
In the Linux kernel, the following vulnerability has been resolved: raw: Fix NULL deref in raw_get_next(). Dae R. Jeong reported a NULL deref in raw_get_next() [0]. It seems that the repro was running these sequences in parallel so that one thread was iterating on a socket that was being freed in another...
DEBIAN-CVE-2023-53198
In the Linux kernel, the following vulnerability has been resolved: raw: Fix NULL deref in raw_get_next(). Dae R. Jeong reported a NULL deref in raw_get_next() [0]. It seems that the repro was running these sequences in parallel so that one thread was iterating on a socket that was being freed in another...
UBUNTU-CVE-2023-53198
In the Linux kernel, the following vulnerability has been resolved: raw: Fix NULL deref in raw_get_next(). Dae R. Jeong reported a NULL deref in raw_get_next() [0]. It seems that the repro was running these sequences in parallel so that one thread was iterating on a socket that was being freed in another...