Lucene search
K

396 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53361

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running:...

6.1AI score0.00171EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/05 2:59 p.m.13 views

CVE-2026-53361

A flaw was found in the Linux kernel's afunix component. A race condition exists within the unixgc garbage collection function where the gcinprogress flag may not be correctly set. This could lead to unixpeekfpl misinterpreting garbage collection status when handling MSGPEEK operations, potential...

7CVSS5.9AI score0.00171EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/07/05 1:58 a.m.15 views

SUSE CVE-2026-53361

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

5.8AI score0.00171EPSS
Exploits0References4
OSV
OSV
added 2026/07/04 12:17 p.m.3 views

UBUNTU-CVE-2026-53361

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

5.8AI score0.00171EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/04 11:54 a.m.20 views

CVE-2026-53361

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

5.8AI score0.00171EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/07/04 11:54 a.m.17 views

EUVD-2026-41668

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

5.8AI score0.00171EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/04 8:15 a.m.10 views

EUVD-2026-41660

A vulnerability has been found in FederatedAI FATE up to 2.2.0. This affects the function QueuePushReqStreamObserver.initEggroll of the file java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java of the component OSX Broker. Such manipulation of the argument...

3.1CVSS5.1AI score0.00299EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55581

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A memory corruption issue exists in the sys getaddrinfo function within the components/lwp/lwp syscall.c file. A local attacker can trigger this by manipulating the ai addr argument. Recommendation...

6.8CVSS6.2AI score0.00119EPSS
Exploits0References11
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:17 a.m.9 views

xfrm: espintcp: do not reuse an in-progress partial send

...

7.8CVSS5.8AI score0.0012EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 4:29 p.m.6 views

EUVD-2026-38914

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine ksmbdcryptmessage sets a NULL completion callback on AEAD requests and does not handle the -EINPROGRESS return code from async hardware crypto engines like the...

5.8AI score0.00531EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52935

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS5.8AI score0.0012EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 7:14 a.m.9 views

EUVD-2026-38705

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

5.9AI score0.0012EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 12:9 a.m.11 views

CVE-2025-65640

Cross Site Scripting XSS vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input in text fields when creating a new document. Specifically, when an authenticated attacker submits data containing JavaScript cod...

6.3CVSS6.1AI score0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.12 views

CVE-2025-65640

Cross Site Scripting XSS vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input in text fields when creating a new document. Specifically, when an authenticated attacker submits data containing JavaScript cod...

6.1AI score0.00216EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46312

Name of the Vulnerable Software and Affected Versions Arket Globe Document Intelligence version 5.0.0.559 Description Cross Site Scripting XSS occurs in the "Task in Progress / Recent" page due to improper sanitization of user input in text fields during the creation of a new document. An...

6.3CVSS5.8AI score0.00216EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.6 views

CVE-2025-65640

Cross Site Scripting XSS vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input in text fields when creating a new document. Specifically, when an authenticated attacker submits data containing JavaScript cod...

6.1AI score0.00216EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.30 views

CVE-2025-65640

Cross Site Scripting XSS vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input in text fields when creating a new document. Specifically, when an authenticated attacker submits data containing JavaScript cod...

0.00216EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/29 7:39 p.m.19 views

russh server userauth state is not reset when authentication principal changes

Summary The russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not that...

5.3CVSS5.8AI score0.00218EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/29 7:39 p.m.7 views

GHSA-HPV4-5H6F-WQR3 russh server userauth state is not reset when authentication principal changes

Summary The russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not that...

5.3CVSS5.8AI score0.00218EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-45018

Name of the Vulnerable Software and Affected Versions Russh versions 0.34.0-beta.1 through 0.60.x Description The server authentication path in the Russh library fails to separate internal user authentication state when the request principal changes across SSH MSG USERAUTH REQUEST messages...

5.3CVSS5.5AI score0.00218EPSS
Exploits0References3
Rows per page
Query Builder