
62 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/ucma: Protects the mc object during concurrent multicast operations. The commit mentioned in the “Fixes” section has been partially reverted to ensure that the allocation and erasure of multicast structures are locked...

CVSS 7.8 | AI score 6.3 | EPSS 0.00238
Exploits 0 | References 2
Positive Technologies
added 2026/05/18 12:0 a.m. | 13 views

PT-2026-41787

Name of the Vulnerable Software and Affected Versions: OpenTelemetry eBPF Instrumentation versions prior to 0.9.0. Description: A memory leak exists in the custom CappedConcurrentHashMap used for Java TLS state tracking. The remove function deletes entries from the map but fails to remove the...

CVSS 5.5 | AI score 5.8 | EPSS 0.00161
Exploits 1 | References 21
Positive Technologies
added 2026/05/06 12:0 a.m. | 8 views

PT-2026-37527

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: An issue exists in the XFS file system where a small freemap at the end of the xattr entries array can experience a size underflow during array expansion. This can result in zero-length...

CVSS 8.8 | AI score 5.5 | EPSS 0.00469
Exploits 0
CVE
added 2026/03/18 1:34 a.m. | 40 views

CVE-2026-27523

OpenClaw OpenClaw prior to version 2026.2.24 contains a sandbox bind-validation bypass vulnerability. The issue lets a bind source path that uses a symlinked parent with a non-existent leaf circumvent allowed-root and blocked-path checks, causing the path to resolve outside the sandbox and weaken...

CVSS 7.5 | AI score 5.8 | EPSS 0.00254
Exploits 0 | References 3 | Affected Software 1
Packet Storm News
added 2026/01/29 12:0 a.m. | 3 views

Secure Group Key Agreement on Cyber-Physical System Buses

Cyber-Physical Systems (CPSs) rely on distributed embedded devices that often must communicate securely over buses. Ensuring message integrity and authenticity on these buses typically requires group-shared keys for Message Authentication Codes (MACs). To avoid insecure fixed pre-shared keys and...

AI score 5.9
Exploits 0
Tenable Nessus
added 2026/01/23 12:0 a.m. | 3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004849)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004849 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level. Though...

CVSS 5.5 | AI score 5.3 | EPSS 0.0018
Exploits 0 | References 4
RedHat Linux
added 2025/11/11 8:21 a.m. | 8 views

kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array. The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions...

CVSS 7.8 | AI score 6.8 | EPSS 0.00257
Exploits 0 | References 5
Tenable Nessus
added 2025/11/05 12:0 a.m. | 3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989002)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989002 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves. Partially revert the commit mentioned in...

CVSS 7.8 | AI score 6 | EPSS 0.00238
Exploits 0 | References 4
CVE
added 2025/11/04 12:0 a.m. | 13 views

CVE-2025-63294

WorkDo HRM SaaS HR and Payroll Tool 8.1 is affected by an Insecure Permissions issue. An authenticated user can create leave or resignation records on behalf of other users due to improper permission settings. Documents across multiple sources (NVD, Red Hat, CNNVD, CVE catalogs, and security feed...

CVSS 6.5 | AI score 6.4 | EPSS 0.00287
Exploits 1 | References 3 | Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2023-1907

Malicious code in bioql PyPI...

CVSS 5.9 | AI score 5.9 | EPSS 0.00371
Exploits 0 | References 5
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-52683

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.00503
Exploits 1 | References 3
CVE
added 2025/09/18 4:4 p.m. | 24 views

CVE-2023-53428

CVE-2023-53428 affects the Linux kernel powercap subsystem, specifically the arm_scmi implementation. The issue arises when powercap zones are retrieved from platforms and registered in a hierarchical tree; the current recursive walk can cause kernel stack overflow for large trees. The fix replac...

CVSS 5.5 | AI score 6.3 | EPSS 0.00147
Exploits 0 | References 3 | Affected Software 1
Tenable Nessus
added 2025/08/09 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-49964

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level. Though acpi_find_last_cache_level always returned signed value and the document...

CVSS 5.5 | AI score 6.5 | EPSS 0.0018
Exploits 0 | References 3
SUSE CVE
added 2025/07/07 11:23 p.m. | 3 views

SUSE CVE-2025-38230

In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount to prevent crashes. Validate db_agheight, db_agwidth, and db_agstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...

CVSS 7.8 | AI score 6.5 | EPSS 0.00157
Exploits 0 | References 3
Cvelist
added 2025/06/18 11:0 a.m. | 6 views

CVE-2022-49964 arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level. Though acpi_find_last_cache_level always returned signed value and the document states it will return any errors caused by lack of a PPTT table, it...

EPSS 0.0018
Exploits 0 | References 2
AstraLinux
added 2025/06/16 11:28 a.m. | 1 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to the cacheinfo array. The loop that detects/populates cache information already includes a check on the array size. However, it does not take into account cache levels with separate...

CVSS 7.8 | AI score 6.4 | EPSS 0.00257
Exploits 0 | References 3
RedhatCVE
added 2025/05/23 5:40 a.m. | 6 views

CVE-2023-0641

A vulnerability was found in PHPGurukul Employee Leaves Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file changepassword.php. The manipulation of the argument newpassword/confirmpassword leads to weak password...

CVSS 9.1 | AI score 4.2 | EPSS 0.01005
Exploits 1 | References 1
RedhatCVE
added 2025/05/22 11:13 p.m. | 6 views

CVE-2022-34132

Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php...

CVSS 9.8 | AI score 7.3 | EPSS 0.01502
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 11:3 p.m. | 14 views

CVE-2022-34133

Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Comment parameter at application/controllers/Leaves.php...

CVSS 6.1 | AI score 6.3 | EPSS 0.00545
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 10:51 p.m. | 6 views

CVE-2022-30931

Employee Leaves Management System (ELMS) V 2.1 is vulnerable to Cross Site Request Forgery (CSRF) via /myprofile.php...

CVSS 6.5 | AI score 7 | EPSS 0.00503
Exploits 1 | References 1