Lucene search
K

188 matches found

OSV
OSV
added 2026/07/08 10:15 a.m.8 views

MAL-2026-6972 Malicious code in @vwfs-its/sf-sac-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41fd62df844e3fba17cb6200b0c9f2ce518a630677ed96f4cf0349b2a3eb7a3d On npm install, the package's preinstall hook node index.js collects installer host identity — hostname, OS user info, output of whoami and id, shell...

6.1AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/06 9:21 p.m.5 views

kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64, specifically within the vgic-its component. This vulnerability occurs when multiple concurrent operations incorrectly drop the translation cache's reference to an entry more than once during cache invalidation. Thi...

9.3CVSS6.8AI score0.00197EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/02 2:52 p.m.6 views

kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64, specifically within the vgic-its component. This vulnerability occurs when multiple concurrent operations incorrectly drop the translation cache's reference to an entry more than once during cache invalidation. Thi...

9.3CVSS5.7AI score0.00197EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses. On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses located physically beyond the 32-bit address limit. This issue was...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/11 12:0 a.m.3 views

The vulnerability of the vgic_its_invalidate_cache() function in the arch/arm64/kvm/vgic/vgic-its.c module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the vgicitsinvalidatecache function in the arch/arm64/kvm/vgic/vgic-its.c module of the Linux operating system is related to errors during link time. Exploiting this vulnerability can allow an attacker to cause a service failure...

7CVSS5.8AI score0.00197EPSS
Exploits0References9Affected Software2
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.20 views

SUSE CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

7.8CVSS5.4AI score0.00197EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/09 5:0 p.m.12 views

CVE-2026-46316

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64, specifically within the vgic-its component. This vulnerability occurs when multiple concurrent operations incorrectly drop the translation cache's reference to an entry more than once during cache invalidation. Thi...

9.3CVSS5.4AI score0.00197EPSS
Exploits0References5
NVD
NVD
added 2026/06/09 1:16 p.m.21 views

CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

9.3CVSS0.00197EPSS
Exploits0References11
OSV
OSV
added 2026/06/09 1:16 p.m.16 views

UBUNTU-CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

9.3CVSS5.2AI score0.00197EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/09 11:52 a.m.43 views

CVE-2026-46316 KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

9.3CVSS0.00197EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 11:52 a.m.3 views

CVE-2026-46316 KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

9.3CVSS6.5AI score0.00197EPSS
Exploits0References13
EUVD
EUVD
added 2026/06/09 11:52 a.m.22 views

EUVD-2026-35405

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

5.4AI score0.00197EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry...

9.3CVSS6.6AI score0.00197EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.25 views

PT-2026-47753

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 13031fb6b835 Description A race condition exists in the vGIC-ITS Interrupt Translation Service emulation within KVM on arm64 systems. The issue occurs in the vgic its invalidate cache function, which iterates...

9.3CVSS6AI score0.00197EPSS
Exploits0
CVE
CVE
added 2026/05/29 8:37 a.m.25 views

CVE-2026-10058

The CVE-2026-10058 entry concerns ITS Intelligent SCADA System by ITP Technology and describes a Stored Cross-Site Scripting vulnerability that allows privileged remote attackers to inject JavaScript executed in users’ browsers on page load. Documents confirm the affected product, vulnerability t...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/29 8:37 a.m.45 views

CVE-2026-10058 ITP Technology|ITS Intelligent SCADA System - Stored Cross-Site Scripting

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v3-its: Quirk probing for ACPI-based systems has been restored. While refactoring the way ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems like HIP07 lose...

5.5CVSS5.2AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double-free on error. The error handling path in itsvpeirqdomainalloc causes a double-free when itsvpeinit fails after successfully allocating at least one interrupt. This occurs because...

7.8CVSS5.8AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DISCARD ITS command...

7.8CVSS5.9AI score0.0024EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/13 3:25 p.m.8 views

Malicious Package

Overview stats-api-js-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder