Lucene search
K

3468 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-56814

Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...

6.9CVSS0.00579EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-56814

Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...

6.9CVSS6.1AI score0.00579EPSS
Exploits0References10Affected Software1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42873

Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce its :length budget against all consumed resources, allowing an unauthenticated remote attacker to cause denial of service. The parser charges the :length limit only for part...

6.9CVSS6.1AI score0.00579EPSS
Exploits0References9
CVE
CVE
added 4 days ago8 views

CVE-2026-56814

Summary: CVE-2026-56814 affects Plug:Multipart in Elixir’s Plug.Parsers.MULTIPART, where the :length budget is applied only to part body bytes. Part headers are not counted, so requests with many empty-body file parts can slip under the length limit and create a temporary file per part, triggerin...

6.9CVSS6.1AI score0.00579EPSS
Exploits0References9
OSV
OSV
added 2026/06/30 10:3 a.m.11 views

SUSE-SU-2026:2238-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. -...

9.8CVSS6.9AI score0.03663EPSS
Exploits32References449
RedhatCVE
RedhatCVE
added 2026/06/29 1:12 p.m.10 views

CVE-2026-53122

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

5.5CVSS5.8AI score0.00179EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 11:34 a.m.10 views

CVE-2026-52990

A flaw was found in the Linux kernel. A local attacker could exploit a race condition in the fsnotifyrecalcmask function, which fails to properly handle an inode reference. This improper handling can lead to an inode reference leak, causing tasks to hang and resulting in a Denial of Service DoS f...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 6:37 a.m.4 views

SUSE-SU-2026:2638-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

9.8CVSS5.9AI score0.0053EPSS
Exploits1References45
OSV
OSV
added 2026/06/25 11:55 a.m.4 views

SUSE-SU-2026:2630-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed wo...

9.8CVSS7AI score0.0055EPSS
Exploits8References63
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-52990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fsnotify: fix inode reference leak in fsnotifyrecalcmask fsnotifyrecalcmask fails to handle the return value of fsnotifyrecalcmask, which may return an inode...

6AI score0.00175EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.7 views

EUVD-2026-38897

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...

5.7AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38885

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix data loss caused by incorrect use of natentry flag Data loss can occur when fsync is performed on a newly created file before any checkpoint has been written concurrently with a checkpoint operation. The scenario is as...

5.7AI score0.00162EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.7 views

EUVD-2026-38858

In the Linux kernel, the following vulnerability has been resolved: fsnotify: fix inode reference leak in fsnotifyrecalcmask fsnotifyrecalcmask fails to handle the return value of fsnotifyrecalcmask, which may return an inode pointer that needs to be released via fsnotifydropobject when the...

5.7AI score0.00175EPSS
Exploits0References5
NVD
NVD
added 2026/06/24 5:17 p.m.11 views

CVE-2026-53017

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix data loss caused by incorrect use of natentry flag Data loss can occur when fsync is performed on a newly created file before any checkpoint has been written concurrently with a checkpoint operation. The scenario is as...

0.00162EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-52990

In the Linux kernel, the following vulnerability has been resolved: fsnotify: fix inode reference leak in fsnotifyrecalcmask fsnotifyrecalcmask fails to handle the return value of fsnotifyrecalcmask, which may return an inode pointer that needs to be released via fsnotifydropobject when the...

0.00175EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.11 views

EUVD-2026-38990

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

5.8AI score0.00179EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 4:30 p.m.4 views

CVE-2026-53122 btrfs: fix deadlock between reflink and transaction commit when using flushoncommit

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

5.8AI score0.00179EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:29 p.m.3 views

CVE-2026-53017 f2fs: fix data loss caused by incorrect use of nat_entry flag

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix data loss caused by incorrect use of natentry flag Data loss can occur when fsync is performed on a newly created file before any checkpoint has been written concurrently with a checkpoint operation. The scenario is as...

5.8AI score0.00162EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 4:29 p.m.10 views

CVE-2026-52990

CVE-2026-52990 involves the Linux kernel fsnotify subsystem. The bug stems from fsnotify_recalc_mask() returning an inode pointer without releasing it when the connector’s HAS_IREF flag transitions from true to false, leaving an iref leak that can cause a hung task (example trace includes unmount...

5.7AI score0.00175EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Fixed the race condition between freeing data and accessing it through the file system. AppArmor originally placed a reference to private data after removing the original entry from the file system. However, the inode m...

7.8CVSS6.1AI score0.00145EPSS
Exploits0References3
Rows per page
Query Builder