Lucene search
K

266 matches found

RedHat Linux
RedHat Linux
added yesterday4 views

kernel: crypto: algif_aead - Revert to operating out-of-place

A flaw was found in the Linux kernel's algifaead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive...

7.8CVSS7.3AI score0.96775EPSS
Exploits228References14
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: essiv – The ssizei check is moved to the beginning of essivaeadcrypt, so it is also checked for decryption and in-place encryption operations...

5.7AI score0.00274EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.5 views

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-2429)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating...

8.8CVSS7.1AI score0.96775EPSS
Exploits255References3
OSV
OSV
added 2026/06/16 10:30 p.m.12 views

USN-8440-1 linux-azure-6.8 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS7.6AI score0.96775EPSS
Exploits282References394
Ubuntu
Ubuntu
added 2026/06/16 10:30 p.m.17 views

USN-8440-1: Linux kernel (Azure) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.6AI score0.96775EPSS
Exploits282
OSV
OSV
added 2026/06/15 8:0 p.m.10 views

GHSA-X4VX-RJVF-J5P4 DOMPurify: `IN_PLACE` mode trusts attacker-controlled `nodeName` on live non-form nodes, allowing script retention and XSS via attacker-supplied DOM objects

Summary When DOMPurify.sanitizeroot, INPLACE: true is called on an attacker-supplied live DOM node, DOMPurify still trusts currentNode.nodeName for non-form nodes in the main sanitizeElements pipeline. A real child node whose observable nodeName is attacker-controlled can therefore be misclassifi...

5.5AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 8:0 p.m.15 views

DOMPurify: `IN_PLACE` mode trusts attacker-controlled `nodeName` on live non-form nodes, allowing script retention and XSS via attacker-supplied DOM objects

Summary When DOMPurify.sanitizeroot, INPLACE: true is called on an attacker-supplied live DOM node, DOMPurify still trusts currentNode.nodeName for non-form nodes in the main sanitizeElements pipeline. A real child node whose observable nodeName is attacker-controlled can therefore be misclassifi...

5.5AI score
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/15 7:56 p.m.3 views

GHSA-HPCV-96WG-7VJ8 DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks

Cross-realm INPLACE sanitization leaves executable markup intact via realm-bound instanceof checks CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-50...

6.1CVSS5.8AI score0.00055EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 7:53 p.m.14 views

DOMPurify: IN_PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM

INPLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — silent no-op when forceRemove is called on a parent-less node Summa...

5.4AI score0.00042EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/15 7:53 p.m.4 views

GHSA-R47G-FVHR-H676 DOMPurify: IN_PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM

INPLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — silent no-op when forceRemove is called on a parent-less node Summa...

6.1CVSS5.5AI score0.00042EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49557

Cross-realm IN PLACE sanitization leaves executable markup intact via realm-bound instanceof checks CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-5...

6.1CVSS5.7AI score0.00055EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49558

IN PLACE mode preserves attributes of a clobbered root element, allowing XSS via attacker-controlled root DOM CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — silent no-op when forceRemove is called on a parent-less node...

6.1CVSS5.4AI score0.00042EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.5 views

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2363)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 Tenable has extracted the preceding description block directly from the EulerO...

8.8CVSS5.9AI score0.93235EPSS
Exploits31References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.6 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2275)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 Tenable has...

8.8CVSS7.6AI score0.96775EPSS
Exploits255References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.15 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2276)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 Tenable has...

8.8CVSS7.6AI score0.96775EPSS
Exploits255References3
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.20 views

FreeBSD Security Advisory - FreeBSD-SA-26:26.ktls

FreeBSD Security Advisory - The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through...

5.5AI score0.00154EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/01 9:5 a.m.24 views

LSN-120-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. In the Linux kernel, the...

9.8CVSS6.7AI score0.96775EPSS
Exploits228
OSV
OSV
added 2026/05/29 1:33 p.m.10 views

OESA-2026-2478 sed security update

Sed is a non-interactive command-line text editor. A stream editor is used to per-form basic text transformations on an input stream a file or input from a pipeline. Security Fixes: When sed is invoked with both -i in-place edit and --follow-symlinks, the function opennextfile performs two...

2.1CVSS5.9AI score0.00142EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/28 6:34 p.m.18 views

USN-8229-2: sed vulnerability

USN-8229-1 fixed a vulnerability in sed. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Michał Majchrowicz and Marcin Wyczechowski discovered that sed incorrectly handled symbolic links when performing in-place edits. A local...

2.1CVSS5.9AI score0.00142EPSS
Exploits0
OSV
OSV
added 2026/05/28 6:34 p.m.7 views

USN-8229-2 sed vulnerability

USN-8229-1 fixed a vulnerability in sed. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Michał Majchrowicz and Marcin Wyczechowski discovered that sed incorrectly handled symbolic links when performing in-place edits. A local...

2.1CVSS5.9AI score0.00142EPSS
Exploits0References2
Rows per page
Query Builder