
635 matches found

Tenable Nessus
added 2026/04/27 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31592

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SEV: Protect all of sev_mem_enc_register_region() with kvm->lock. Take and hold kvm->lock before checking sev_guest() in sev_mem_enc_register_region(), as sev_guest() isn't...

CVSS 5.5 | AI score 6 | EPSS 0.00122
Exploits: 0 | References: 4
RedhatCVE
added 2026/04/24 6:12 p.m. | 5 views

CVE-2026-31572

A flaw was found in the Linux kernel's i2c: designware: amdisp component. A race condition exists between the device's probe and runtime Power Management (PM) resume operations. When pm_runtime_get_sync is called before i2c_dw_probe, it can prematurely trigger the amdisp i2c runtime resume before the...

CVSS 4.7 | AI score 5.3 | EPSS 0.00088
Exploits: 0 | References: 4
RedhatCVE
added 2026/04/24 5:56 p.m. | 6 views

CVE-2026-31566

A flaw was found in the Linux kernel's AMD GPU (amdgpu) driver. An issue in the amdgpu_amdkfd_submit_ib function allows a local user to trigger a use-after-free vulnerability. This occurs because a fence reference is incorrectly released before waiting for job completion, potentially freeing the memor...

CVSS 7.8 | AI score 5.4 | EPSS 0.00126
Exploits: 0 | References: 4
RedhatCVE
added 2026/04/24 5:2 p.m. | 6 views

CVE-2026-31545

A flaw was found in the Linux kernel's NFC (Near Field Communication) subsystem, specifically within the nxp-nci driver. This flaw prevented General Purpose Input/Output (GPIO) pins from entering a sleep state, leading to a kernel WARN_ON condition. This issue could potentially cause system instabilit...

CVSS 5.5 | AI score 5.3 | EPSS 0.00123
Exploits: 0 | References: 4
EUVD
added 2026/04/24 12:31 a.m. | 5 views

EUVD-2026-25363

A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchd...

CVSS 8.1 | AI score 5.7 | EPSS 0.00324
Exploits: 0 | References: 4
Snyk
added 2026/04/23 12:0 a.m. | 12 views

Symlink Attack

Overview: Affected versions of this package are vulnerable to Symlink Attack due to insecure handling of Process ID (PID) files. When an application uses the ApplicationPidFileWriter, it writes its PID to a predictable file system path. A local attacker with write access to the PID file's directory...

CVSS 6.7 | AI score 5.4 | EPSS 0.00112
Exploits: 0 | References: 2
RedhatCVE
added 2026/04/22 7:55 p.m. | 4 views

CVE-2026-31511

A flaw was found in the Bluetooth Management (MGMT) component of the Linux kernel. An issue with how memory is managed during certain operations can lead to a 'dangling pointer' vulnerability. This means that the system might attempt to access memory that has already been released, potentially...

CVSS 7.8 | AI score 5.3 | EPSS 0.00129
Exploits: 0 | References: 4
RedhatCVE
added 2026/04/22 6:7 p.m. | 6 views

CVE-2026-31462

A flaw was found in the Linux kernel's drm/amdgpu component. This vulnerability arises from the immediate reuse of a Process Address Space ID (PASID) when a process exits. If a new process is assigned a recently freed PASID, it may encounter page faults still pending in the interrupt handler (IH) rin...

CVSS 5.5 | AI score 5.7 | EPSS 0.00122
Exploits: 0 | References: 4
RedhatCVE
added 2026/04/22 5:17 p.m. | 7 views

CVE-2026-31439

A flaw was found in the Linux kernel's Xilinx DMA (Direct Memory Access) engine. The xdma driver's regmap initialization incorrectly handled errors, specifically when the devm_regmap_init_mmio function returned an error pointer instead of a null value. This improper error handling could potentially le...

CVSS 5.5 | AI score 5.7 | EPSS 0.00122
Exploits: 0 | References: 4
RedhatCVE
added 2026/04/22 10:29 a.m. | 5 views

CVE-2026-31432

A flaw was found in the ksmbd component of the Linux kernel. This vulnerability allows an attacker to cause the system to write data beyond its intended memory boundaries when processing specific network requests. Specifically, when a complex request combines data reading with security informatio...

CVSS 8.8 | AI score 6 | EPSS 0.00507
Exploits: 0 | References: 4
Snyk
added 2026/04/21 12:0 a.m. | 5 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. This is only exploitable if the...

CVSS 6.9 | AI score 7.7 | EPSS 0.00323
Exploits: 0 | References: 2
RedhatCVE
added 2026/04/13 5:26 p.m. | 4 views

CVE-2026-31417

A flaw was found in the Linux kernel's X.25 network protocol implementation (net/x25). An attacker could potentially trigger an integer overflow in the x25_sock.fraglen variable when accumulating packets. This oversight, combined with the fraglen not being properly reset, may lead to system...

CVSS 7.5 | AI score 5.8 | EPSS 0.00389
Exploits: 0 | References: 4
Positive Technologies
added 2026/04/13 12:0 a.m. | 6 views

PT-2026-32406

Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...

CVSS 6.5 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 3
RedHat Linux
added 2026/04/08 12:16 p.m. | 6 views

kernel: Linux kernel: A use-after-free in bridge multicast in br_multicast_port_ctx_init

A flaw was found in the Linux kernel's bridge multicast functionality. A local user could trigger a use-after-free vulnerability, a type of memory corruption, by improperly configuring network bridge router ports. This issue arises because the system fails to correctly remove ports from its...

CVSS 7.8 | AI score 5.9 | EPSS 0.00248
Exploits: 1 | References: 5
Positive Technologies
added 2026/04/08 12:0 a.m. | 4 views

PT-2026-31345

Name of the Vulnerable Software and Affected Versions: Kibana (affected versions not specified). Description: An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent concurrently,...

CVSS 6.5 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 5
RedhatCVE
added 2026/04/07 11:32 p.m. | 3 views

CVE-2026-33815

A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...

CVSS 9.8 | AI score 5.8 | EPSS 0.00605
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/03 12:0 a.m. | 11 views

Cisco IOS Software IKEv2 DoS (cisco-sa-asa-ftd-ios-dos-kPEpQGGK)

According to its self-reported version, Cisco IOS Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS)...

CVSS 8.6 | AI score 6 | EPSS 0.00354
Exploits: 0 | References: 5
NVD
added 2026/03/30 3:16 p.m. | 4 views

CVE-2026-5165

A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

CVSS 7.8 | EPSS 0.00109
Exploits: 0 | References: 3
ATTACKERKB
added 2026/03/30 3:2 p.m. | 3 views

CVE-2026-5165

A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...

CVSS 6.7 | AI score 5.8 | EPSS 0.00109
Exploits: 0 | References: 4
Positive Technologies
added 2026/03/30 12:0 a.m. | 7 views

PT-2026-29036

Name of the Vulnerable Software and Affected Versions: virtio-win (affected versions not specified). Description: A memory management issue exists in the VirtIO Block (BLK) device within virtio-win. A reset of the device does not properly handle memory, leading to a use-after-free condition. This could...

CVSS 7.8 | AI score 5.9 | EPSS 0.00109
Exploits: 0 | References: 8