Lucene search
K

209 matches found

CVE
CVE
added 2026/05/08 1:26 p.m.21 views

CVE-2026-43319

CVE-2026-43319 affects the Linux kernel spidev driver. The vulnerability stemmed from inverted lock ordering between spi_lock and buf_lock across code paths (write/read use buf_lock then spi_lock; ioctl uses spi_lock then buf_lock), enabling potential deadlocks in multi-threaded access. The fix u...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/08 1:26 p.m.2 views

CVE-2026-43319 spi: spidev: fix lock inversion between spi_lock and buf_lock

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different orders depending on the code path: write/read: buflock - spilock ioctl...

5.5CVSS6AI score0.00094EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-38970

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lock inversion exists in the spidev driver involving two mutexes, spi lock and buf lock. These locks were acquired in different orders depending on the execution path: write and read...

5.5CVSS5.6AI score0.00094EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-43319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different...

5.5CVSS6.3AI score0.00094EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/07 2:59 a.m.12 views

EUVD-2026-28272

Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including administrators. A...

7.1CVSS5.7AI score0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32909

Name of the Vulnerable Software and Affected Versions OpenStack Keystone versions prior to 28.0.1 Description The LDAP identity backend fails to convert the user enabled attribute to a boolean value when the user enabled invert configuration option is set to False. Specifically, the ldap res to...

7.7CVSS5.2AI score0.00317EPSS
Exploits0References26
Packet Storm News
Packet Storm News
added 2026/04/10 12:0 a.m.7 views

CLIP-Inspector: Model-Level Backdoor Detection for Prompt-Tuned CLIP Via OOD Trigger Inversion

Organisations with limited data and computational resources increasingly outsource model training to Machine Learning as a Service MLaaS providers, who adapt vision-language models VLMs such as CLIP to downstream tasks via prompt tuning rather than training from scratch. This semi-honest setting...

5.8AI score
Exploits0
NVD
NVD
added 2026/04/07 5:16 p.m.4 views

CVE-2026-35610

PolarLearn is a free and open-source learning program. In 0-PRERELEASE-14 and earlier, setCustomPassworduserId, password and deleteUseruserId in the account-management module used an inverted admin check. Because of the inverted condition, authenticated non-admin users were allowed to execute bot...

8.8CVSS0.00298EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.15 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1495)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1495 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been...

6.1AI score0.0025EPSS
Exploits0References102
Packet Storm News
Packet Storm News
added 2026/03/10 12:0 a.m.5 views

PRoADS: Provably Secure and Robust Audio Diffusion Steganography with Latent Optimization and Backward Euler Inversion

This paper proposes PRoADS, a provably secure and robust audio steganographic framework based on audio diffusion models. As a generative steganography scheme, PRoADS embeds secret messages into the initial noise of diffusion models via orthogonal matrix projection. To address the reconstruction...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed lock inversion in vsockassigntransport. Syzbot reported a potential lock inversion deadlock between vsockregistermutex and sklock-AFVSOCK when vsocklinger is called. The issue was introduced by the commit...

6.1AI score0.00179EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/03 12:0 a.m.6 views

Scores Know Bobs Voice: Speaker Impersonation Attack

Advances in deep learning have enabled the widespread deployment of speaker recognition systems SRSs, yet they remain vulnerable to score-based impersonation attacks. Existing attacks that operate directly on raw waveforms require a large number of queries due to the difficulty of optimizing in...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : nss-3.53.1-17.0.1.el8 (AXSA:2021-1536:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1536:01 advisory. nss: Side channel attack on ECDSA signature generation CVE-2020-6829 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular...

9.1CVSS8.2AI score0.01541EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/01/12 9:30 a.m.3 views

kernel: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

A flaw was found in the Linux kernel’s phylink subsystem: when phylinkresolve executes while pl-statemutex is held, it may acquire pl-phydev-lock out of order relative to other paths phylinkbringupphy or phylinkdisconnectphy that acquire pl-phydev-lock prior to pl-statemutex. This lock inversion...

7CVSS5.8AI score0.00102EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.7 views

CVE-2021-22494

An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q10.0 software. When a screen protector is used, the required image compensation is not present. Consequently, inversion can occur during fingerprint enrollment, and a high False Recognition Rate FRR can occu...

5.5CVSS6.9AI score0.00304EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-7991

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the nf tables component of the Linux kernel. The nft map catchall activate function contains a logic bug where an inverted element activity check is...

7.8CVSS7.2AI score0.00344EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2025/12/21 12:0 a.m.5 views

FreeBSD : traefik -- Inverted TLS Verification Logic in Kubernetes NGINX Provider (dc7e30db-de67-11f0-b893-5404a68ad561)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the dc7e30db-de67-11f0-b893-5404a68ad561 advisory. The traefik project reports: There is a potential vulnerability in Traefik NGINX provider managing the...

5.9CVSS7.3AI score0.00213EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/17 12:24 a.m.4 views

SUSE CVE-2025-68244

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

5.5CVSS6.4AI score0.00167EPSS
Exploits0References21
EUVD
EUVD
added 2025/12/16 3:30 p.m.12 views

EUVD-2025-203652

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

5.9AI score0.00167EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/16 3:15 p.m.14 views

CVE-2025-68244

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

5.9AI score0.00167EPSS
Exploits0References33
Rows per page
Query Builder