25357 matches found

OSV
added 2026/06/25 9:33 p.m. | 3 views

GHSA-47Q9-M4WW-924M Rekor has an OOM Condition due to Unbounded gzip Decompression in Alpine APK Parsing Logic

Description: The Package.Unmarshal function in pkg/types/alpine/apk.go decompresses the signature and control gzip members of an APK file into in-memory buffers without bounding the total decompressed size. The existing max_apk_metadata_size check (default 1MB) is only applied to individual tar entry...

7.5 CVSS | 5.9 AI score
Exploits: 0 | References: 2
RedhatCVE
added 2026/06/25 6:18 p.m. | 5 views

CVE-2026-53048

A flaw was found in the Linux kernel's gfs2 filesystem. During the unmount process, a NULL pointer dereference can occur when flushing outstanding glock work. This happens because gfs2_log_flush() is called when a critical data structure (sdp->sd_jdesc) has already been deallocated, and a subsequent...

5.5 CVSS | 5.8 AI score | 0.00172 EPSS
Exploits: 0 | References: 4
RedhatCVE
added 2026/06/25 6:17 p.m. | 7 views

CVE-2026-53049

A flaw was found in the Linux kernel's Global File System 2 (GFS2) component. The gfs2_logd function, responsible for log flushing, calls several log flushing functions without holding the required lock. This omission allows concurrent transactions to access shared resources without proper exclusion...

9.8 CVSS | 5.8 AI score | 0.00509 EPSS
Exploits: 0 | References: 4
RedhatCVE
added 2026/06/25 6:16 p.m. | 4 views

CVE-2026-53059

A flaw was found in the Linux kernel's device-mapper log (dm log) component. A local attacker could exploit an integer overflow vulnerability where a 64-bit value is truncated to 32 bits, leading to undersized memory allocations. This allows for out-of-bounds writes to kernel memory during log...

6.3 CVSS | 5.8 AI score | 0.00127 EPSS
Exploits: 0 | References: 4
OSV
added 2026/06/25 3:31 p.m. | 4 views

OPENSUSE-RU-2026:21160-1 Recommended update for dnscrypt-proxy

This update for dnscrypt-proxy fixes the following issues: Changes in dnscrypt-proxy: - Update to version 2.1.16. The "tls_cipher_suite" option is now a no-op. Modern TLS stacks no longer expose cipher suite selection in a meaningful way, and the option had become misleading. A log size of 0 no longe...

9.1 CVSS | 6.6 AI score | 0.01557 EPSS
Exploits: 1 | References: 8
ATTACKERKB
added 2026/06/25 1:12 p.m. | 4 views

CVE-2026-56005

Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions...

7.1 CVSS | 5.8 AI score | 0.0023 EPSS
Exploits: 0 | References: 2
Cvelist
added 2026/06/25 1:12 p.m. | 26 views

CVE-2026-56005 WordPress WP Activity Log plugin <= 5.6.3.1 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions...

7.1 CVSS | 0.0023 EPSS
Exploits: 0 | References: 1
EUVD
added 2026/06/25 1:12 p.m. | 5 views

EUVD-2026-39374

Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions...

7.1 CVSS | 5.8 AI score | 0.0023 EPSS
Exploits: 0 | References: 1
CVE
added 2026/06/25 1:12 p.m. | 13 views

CVE-2026-56005

CVE-2026-56005 affects the WordPress plugin WP Activity Log (versions

7.1 CVSS | 5.8 AI score | 0.0023 EPSS
Exploits: 0 | References: 1
NVD
added 2026/06/25 9:16 a.m. | 5 views

CVE-2026-53205

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1 CVSS | 0.00131 EPSS
Exploits: 0 | References: 4
NVD
added 2026/06/25 9:16 a.m. | 5 views

CVE-2026-53169

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPU_OP_RESIZE commands from userspace. NPU_OP_RESIZE is a U85-only command that the driver does not yet implement. The existing WARN_ON(1) placeholder fires unconditionally whenever userspace submits this command via...

0.00155 EPSS
Exploits: 0 | References: 2
NVD
added 2026/06/25 9:16 a.m. | 8 views

CVE-2026-53131

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using eth_hdr(). ip6t_eui64, xt_mac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nf_log_syslog access eth_hdr(skb) after either assuming that the skb is associated with an...

9.4 CVSS | 0.00431 EPSS
Exploits: 0 | References: 7
OSV
added 2026/06/25 9:16 a.m. | 2 views

UBUNTU-CVE-2026-53131

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using eth_hdr(). ip6t_eui64, xt_mac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nf_log_syslog access eth_hdr(skb) after either assuming that the skb is associated with an...

9.4 CVSS | 5.7 AI score | 0.00431 EPSS
Exploits: 0 | References: 10
OSV
added 2026/06/25 9:16 a.m. | 2 views

UBUNTU-CVE-2026-53205

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1 CVSS | 5.9 AI score | 0.00131 EPSS
Exploits: 0 | References: 7
EUVD
added 2026/06/25 8:39 a.m. | 4 views

EUVD-2026-39300

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend. Existing advertising instances can already hold the maximum extended advertising payload. When hci_adv_bcast_annoucement() prepends the Broadcast Announcement service...

6 AI score | 0.00138 EPSS
Exploits: 0 | References: 6
Cvelist
added 2026/06/25 8:39 a.m. | 26 views

CVE-2026-53205 accel/ivpu: Add bounds checks for firmware log indices

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1 CVSS | 0.00131 EPSS
Exploits: 0 | References: 4
CVE
added 2026/06/25 8:39 a.m. | 13 views

CVE-2026-53205

The CVE-2026-53205 issue is in the Linux kernel Intel Versatile Processing Unit (IVPU) accelerator driver (accel/ivpu). It stems from insufficient validation of read/write indices in the firmware log buffer, allowing potential out-of-bounds access if firmware supplies invalid indices. Affected sy...

7.1 CVSS | 6 AI score | 0.00131 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
EUVD
added 2026/06/25 8:39 a.m. | 3 views

EUVD-2026-39296

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

6 AI score | 0.00131 EPSS
Exploits: 0 | References: 4
CVE
added 2026/06/25 8:38 a.m. | 11 views

CVE-2026-53186

CVE-2026-53186 affects the Linux kernel SRP path in RDMA: the SRP_RSP data length (resp_data_len) is not bounded by the actual received bytes, risking an out-of-bounds read when processing sense data. The copy is capped to 96 bytes, but the source offset can point far past the received data, pote...

9.1 CVSS | 6 AI score | 0.00544 EPSS
Exploits: 0 | References: 8
Cvelist
added 2026/06/25 8:38 a.m. | 30 views

CVE-2026-53131 netfilter: require Ethernet MAC header before using eth_hdr()

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using eth_hdr(). ip6t_eui64, xt_mac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nf_log_syslog access eth_hdr(skb) after either assuming that the skb is associated with an...

9.4 CVSS | 0.00431 EPSS
Exploits: 0 | References: 7