Lucene search
+L

115 matches found

cve
cve
added 2026/07/01 1:32 p.m.19 views

CVE-2026-53348

CVE-2026-53348 concerns the Linux kernel ASoC SDCA subsystem. A NULL pointer dereference in sdca_dev_unregister_functions (due to func_dev entries that may be NULL when cleanup occurs) could trigger a kernel oops during device cleanup. The issue arises when a function registration partially fails...

5.8AI score0.00145EPSS
Exploits0References2
euvd
euvd
added 2026/07/01 1:32 p.m.8 views

EUVD-2026-40982

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: fix NULL pointer dereference in sdcadevunregisterfunctions sdcadevunregisterfunctions iterates over all SDCA function descriptors and calls sdcadevunregister on each funcdev without checking for NULL. When a function...

5.8AI score0.00145EPSS
Exploits0References2
nvd
nvd
added 2026/04/24 3:16 p.m.5 views

CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

7.5CVSS0.00389EPSS
Exploits0References8
osv
osv
added 2026/04/24 3:16 p.m.8 views

DEBIAN-CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

7.5CVSS5.3AI score0.00389EPSS
Exploits0References1
euvd
euvd
added 2026/04/24 2:45 p.m.6 views

EUVD-2026-25555

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

5.4AI score0.00389EPSS
Exploits0References8
attackerkb
attackerkb
added 2026/04/24 2:45 p.m.5 views

CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

5.4AI score0.00389EPSS
Exploits0References9Affected Software1
cve
cve
added 2026/04/24 2:45 p.m.22 views

CVE-2026-31662

CVE-2026-31662 concerns the Linux kernel’s TIPc grouping protocol. The bug in tipc_group_proto_rcv() decrements bc_ackers for every inbound GRP_ACK_MSG, even if the sender already acknowledged the current broadcast round. Since bc_ackers is a 16-bit unsigned, a duplicate ACK after the last legiti...

7.5CVSS5.4AI score0.00389EPSS
Exploits0References8Affected Software1
ptsecurity
ptsecurity
added 2026/04/24 12:0 a.m.9 views

PT-2026-35014

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The GRP ACK MSG handler in the tipc group proto rcv function decrements the bc ackers variable on every inbound group ACK, including duplicate ACKs from members who have already...

7.5CVSS5.2AI score0.00389EPSS
Exploits0
susecve
susecve
added 2026/04/14 11:25 p.m.8 views

SUSE CVE-2026-40109

Flux notification-controller is the event forwarder and notification dispatcher for the GitOps Toolkit controllers. Prior to 1.8.3, the gcr Receiver type in Flux notification-controller does not validate the email claim of Google OIDC tokens used for Pub/Sub push authentication. This allows any...

3.1CVSS5.8AI score0.00127EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/04/14 7:23 p.m.7 views

CVE-2026-40109

Flux notification-controller is the event forwarder and notification dispatcher for the GitOps Toolkit controllers. Prior to 1.8.3, the gcr Receiver type in Flux notification-controller does not validate the email claim of Google OIDC tokens used for Pub/Sub push authentication. This allows any...

3.1CVSS5.8AI score0.00127EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/04/01 5:3 p.m.3 views

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

8.1CVSS5.8AI score0.00494EPSS
Exploits0References1
nvd
nvd
added 2026/03/31 3:16 p.m.5 views

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

8.1CVSS0.00494EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/03/31 2:10 p.m.5 views

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

6CVSS5.8AI score0.00494EPSS
Exploits0References4Affected Software1
cve
cve
added 2026/03/31 2:10 p.m.11 views

CVE-2026-34210

The cvE-2026-34210 issue affects the mppx TypeScript interface for the machine payments protocol. Prior to version 0.4.11, the stripe/charge method did not validate Stripe’s Idempotent-Replayed header when creating PaymentIntents, allowing an attacker to replay a valid credential with the same sp...

8.1CVSS5.8AI score0.00494EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2026/03/31 12:0 a.m.10 views

mppx 安全漏洞

MPPX is a blockchain-based payment protocol SDK developed by Wevm. Versions of MPPX prior to 0.4.11 contained security vulnerabilities. These vulnerabilities stemmed from the stripe/charge payment method not checking Stripe’s Idempotent-Replayed response header, which could allow attackers to...

8.1CVSS5.8AI score0.00494EPSS
Exploits0References3
osv
osv
added 2026/03/29 3:11 p.m.5 views

GHSA-8MHJ-RFFC-RCVW mppx has Stripe charge credential replay via missing idempotency check

Impact The stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new challenge, and the server would accept the replayed Stripe PaymentIntent as a ne...

6CVSS5.9AI score0.00494EPSS
Exploits0References6
github
github
added 2026/03/29 3:11 p.m.5 views

mppx has Stripe charge credential replay via missing idempotency check

Impact The stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new challenge, and the server would accept the replayed Stripe PaymentIntent as a ne...

8.1CVSS5.9AI score0.00494EPSS
Exploits0References6Affected Software1
ptsecurity
ptsecurity
added 2026/03/29 12:0 a.m.10 views

PT-2026-28608

Impact The stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new challenge, and the server would accept the replayed Stripe PaymentIntent as a ne...

6CVSS5.9AI score0.00494EPSS
Exploits0References7
nessus
nessus
added 2026/03/02 12:0 a.m.3 views

SUSE SLES11: kernel-default / kernel-default-base / kernel-default-devel / etc (SUSE-SU-2026:0688-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0688-1 advisory. The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-0920:...

6.9CVSS6.8AI score0.00811EPSS
Exploits0References7
suse
suse
added 2026/02/27 3:9 p.m.4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-0920: net: split out functions related to registering inflight socket files bsc1193731. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1245986. Special...

7.8CVSS6AI score0.00811EPSS
Exploits0References8
Rows per page
Query Builder