Lucene search
K

3542 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: gve: Defer the enabling of interrupts until NAPI registration. Currently, interrupts are automatically enabled immediately upon request. This allows interrupts to occur before the associated NAPI context is fully initialized,...

7.8CVSS5.9AI score0.00119EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-51979

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free flaw exists in the Berkeley Packet Filter BPF subsystem. The task vma iterator reads task-mm locklessly and acquires mmap read trylock without calling mmget. If a task...

7.8CVSS5.7AI score0.00111EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-52034

Name of the Vulnerable Software and Affected Versions Warp versions 0.2021.04.25.23.05.stable 00 through 0.2026.05.06.15.42.stable 00 Description Warp accepts state-mutating terminal lifecycle hooks from the PTY Pseudo-Terminal stream without verifying if the hooks were emitted by the shell...

4.3CVSS5.8AI score0.00278EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/06/22 2:33 p.m.31 views

CVE-2024-51454 IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities Host Header Injection observed

IBM Engineering Workflow Management 7.0.2 through 7.0.2 Interim Fix 035, 7.0.3 through 7.0.3 Interim Fix 017, and 7.1 through 7.1 Interim Fix 004 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various...

6.5CVSS0.00181EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 2:33 p.m.11 views

CVE-2024-51454

Affected product: IBM Engineering Workflow Management (part of IBM Engineering Lifecycle Management). The vulnerability is a free-form HTTP header injection in HOST header parsing due to input validation weaknesses. Affected versions are 7.0.2 (with Interim Fix 035), 7.0.3 (IFix 017), and 7.1 (IF...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 3:49 a.m.6 views

Important: Red Hat Security Advisory: webkitgtk4 security update

An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.8CVSS5.8AI score0.00693EPSS
Exploits0References17
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/19 2:25 p.m.3 views

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities Host Header Injection observed

Summary Vulnerabilities have been identified in Host Header Injection , which is used in IBM Engineering Lifecycle Management -Engineering Workflow Management Vulnerability Details CVEID:CVE-2024-51454 DESCRIPTION: IBM Engineering Workflow Management is vulnerable to HTTP header injection, caused...

6.5CVSS5.8AI score0.00181EPSS
Exploits0Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

The object lifecycle issue in V8 of Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01044EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

The object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00282EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: vhostvdpa: The irqbypassunregisterproducer function must correctly assign the token. Previously, we used irqbypassunregisterproducer in vhostvdpasetupvqirq, which was problematic because we had no way of knowing whether the...

7.8CVSS6.3AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

In ANGLE of Google Chrome, before version 96.0.4664.110, there was an issue with the object lifecycle mechanism that allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS6.9AI score0.00738EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

During the worker lifecycle, a use-after-free condition could occur, which may lead to a potentially exploitable crash. This vulnerability affects Firefox 115.0.2, Firefox ESR 115.0.2, and Thunderbird 115.0.1...

8.8CVSS7.3AI score0.00542EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: Do not break the lifecycle of vmdev. vmdev has a separate lifecycle because it has a struct device embedded within it. Therefore, having a release callback for it is correct. However, allocating the vmdev structure...

7.8CVSS5.3AI score0.00139EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fixed NULL pointer dereferencing in ethgetdrvinfo The commit ec35c1969650 “usb: gadget: fncm: Fixed netdevice lifecycle handling with devicemove“” re-parents the gadget device to /sys/devices/virtual during...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37550

Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00242EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-12465

Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00242EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/17 12:10 p.m.9 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS5.8AI score0.0079EPSS
Exploits3References5
CVE
CVE
added 2026/06/17 1:38 a.m.29 views

CVE-2026-12465

CVE-2026-12465 affects Google Chrome Metrics: an Object lifecycle issue in Chrome prior to 149.0.7827.155 allows a renderer-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. Patch: update to Chrome 149.0.7827.155 or newer. Exploitation details are not describe...

8.3CVSS5.4AI score0.00242EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/17 1:38 a.m.19 views

CVE-2026-12465

Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00242EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/17 1:38 a.m.7 views

CVE-2026-12465

Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00242EPSS
Exploits0
Rows per page
Query Builder