Lucene search
+L

9689 matches found

Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.16 views

PT-2026-52338

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an uninitialized stack variable is used within the rseq exit user update function. This occurs because the evaluation order of expressions in an initializer list is...

5.5CVSS6AI score0.00112EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52299

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where the get info ioctl function fails to validate the info size returned from the metric stream info query against the allocated buffer size...

7.1CVSS6.2AI score0.00153EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.31 views

Linux Distros Unpatched Vulnerability : CVE-2026-53089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix use-after-free in offloaded map/prog info fill When querying info for an offloaded BPF map or program, bpfmapoffloadinfofillns and...

6.1AI score0.00145EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 9:5 p.m.10 views

CVE-2026-49278

Rocket.Chat vulnerable component: the visitors.info endpoint leaked a token in responses prior to versions 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12. The issue allows token exposure in visitor information responses and is fixed in the listed versions. Affected products/version...

6.7CVSS5.8AI score0.00243EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 9:5 p.m.2 views

CVE-2026-49278 Rocket.Chat: Livechat Visitor Profile Disclosure Leaks Bearer Token and Enables Visitor Impersonation

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.6, 7.13.8, and 7.10.12, in the visitors.info endpoint, https://developer.rocket.chat/apidocs/get-visitor-information-by-id-1, token is returned in the response. It...

6.7CVSS5.9AI score0.00243EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/24 8:21 p.m.8 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.8AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 6:32 p.m.10 views

EUVD-2026-38863

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

6AI score0.00122EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-52995

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

5.5CVSS0.00122EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.12 views

CVE-2026-53089

The CVE-2026-53089 issue concerns the Linux kernel BPF offload info retrieval for maps/programs. When querying offloaded map/prog info, the code previously called get_net(dev_net(offmap->netdev)) to obtain the network namespace, which could race with netns destruction. If the netns refcount ha...

5.7AI score0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 4:30 p.m.4 views

CVE-2026-53089 bpf: Fix use-after-free in offloaded map/prog info fill

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in offloaded map/prog info fill When querying info for an offloaded BPF map or program, bpfmapoffloadinfofillns and bpfprogoffloadinfofillns obtain the network namespace with getnetdevnetoffmap-netdev...

5.8AI score0.00145EPSS
Exploits0References5
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-52995 net/rds: zero per-item info buffer before handing it to visitors

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

5.5CVSS6AI score0.00122EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:29 p.m.4 views

CVE-2026-52995

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

6AI score0.00122EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: xscale: Ensure proper check for PTP support. In the function ixp4xxgettsinfo, the function ixp46xptpfind is called unconditionally, even though this feature only exists in ixp46x. This leads to the following...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Media: Verisilicon: AV1 – Fix for the tile info buffer size. Each tile consists of: rowsb, colsb, startpos, and endpos 4 bytes each. Therefore, the total memory required is AV1MAXTILES 16 bytes. Use the correct define to allocate...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed a race condition related to bitfield writes in btrfsclearspaceinfofull. According to the memory-barriers.txt document regarding memory barrier ordering guarantees: - These guarantees do not apply to bitfields, as...

5.5CVSS6AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, there was a NULL pointer dereference vulnerability in rdpwritelogoninfov2. This vulnerability allowed a malicious RDP server to crash the FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with...

7.5CVSS5.9AI score0.00467EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fixed a potential memory leak in scsibackremove. The memory allocated for the struct vscsiblkinfo structure in scsibackprobe is not freed in scsibackRemove, resulting in potential memory leaks during the...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak has been fixed in amdgpuacpienumeratexcc. In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo. This results in a memory...

5.5CVSS5.8AI score0.00162EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 1:11 p.m.4 views

OESA-2026-2721 freerdp security update

FreeRDP is a client implementation of the Remote Desktop Protocol RDP that follows Microsoft's open specifications. This package provides the client applications xfreerdp. Security Fixes: A NULL pointer dereference vulnerability exists in the rdpwritelogoninfov2 function of FreeRDP remote desktop...

7.5CVSS5.9AI score0.00467EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 9:0 a.m.36 views

CVE-2026-52943

CVE-2026-52943 affects the Linux kernel: two pskb_carve helpers (pskb_carve_inside_header and pskb_carve_inside_nonlinear) copy the old skb_shared_info header via memcpy without calling net_zcopy_get() for the new copy, creating an unaccounted destructor_arg (uarg) reference. This can cause use-a...

7.8CVSS5.9AI score0.00238EPSS
Exploits1References11Affected Software1
Rows per page
Query Builder