Lucene search
K

2430 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48331

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, when LightBlockchain::rebranch adopts a fork chain whose tip is a macro block checkpoint or election, it only updates self.head but fails to update self.macro...

6.5CVSS5.3AI score0.00259EPSS
Exploits0References4
OSV
OSV
added 2026/06/08 1:43 p.m.12 views

JLSEC-2026-595

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expandmmacro in modules/preprocs/nasm/nasm-pp.c...

5.5CVSS5.4AI score0.00317EPSS
Exploits1References4
RustSec
RustSec
added 2026/06/07 12:0 p.m.37 views

proc-macro-error2 is unmaintained

The author of proc-macro-error2 has confirmed that the crate is no longer maintained and recommends that users migrate away from it. proc-macro-error2 was originally created as a maintained fork of proc-macro-error see RUSTSEC-2024-0370. Both the original crate and this fork are now unmaintained...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.11 views

CVE-2026-34069

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated p2p peer can cause the RequestMacroChain message handler task to panic. Sending a RequestMacroChain message where the...

5.3CVSS5.4AI score0.00297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2026-33378

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

6.5CVSS5.5AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.10 views

CVE-2026-42140

PlantUML Macro is a macro for rendering UML diagrams from simple textual schemes. Prior to version 2.4.1, the PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does...

4.4CVSS5.4AI score0.00151EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.13 views

CVE-2026-34065

nimiq-primitives contains primitives e.g., block, account, transaction to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key. Hashi...

7.5CVSS5.4AI score0.00372EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46210

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own...

7.8CVSS7AI score0.00129EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/29 12:0 a.m.16 views

Separating Secrets from Placeholders: A Hybrid CNN-CodeBERT Framework for Three-Class Credential Leakage Detection

Credential leakage in public source code repositories poses a critical security threat, with over 23.8 million secrets exposed in 2024 alone. Existing detection tools suffer from high false-positive rates because rigid pattern matching and binary classification schemes fail to distinguish genuine...

5.7AI score
Exploits0
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46210

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

7.8CVSS0.00129EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 9:40 a.m.11 views

EUVD-2026-32837

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

5.7AI score0.00129EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.12 views

CVE-2026-46210

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

5.7AI score0.00129EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.21 views

CVE-2026-46210

The CVE-2026-46210 issue affects the Linux kernel Iris media driver. A race between per-instance locks (inst->lock) and the core list lock (core->lock) allows a use-after-free during MBPF checks: MBPF iterates the core list and reads fields like fmt_src->width/height while iris_close() m...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.35 views

CVE-2026-46210 media: iris: fix use-after-free of fmt_src during MBPF check

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

7.8CVSS0.00129EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 2:16 p.m.5 views

UBUNTU-CVE-2026-45857

In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...

5.7CVSS5.7AI score0.00156EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the net module using the unnecessary WARNONONCE macro when accessing the forwarding path array...

5.8AI score0.00156EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.9 views

PT-2026-43724

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference occurs in the scsi csiostor component. When the variable rn is NULL, the error exit path triggers a dereference of rn through the use of the CSIO INC STATS...

5.7CVSS5.4AI score0.00156EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43809

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ext4 file system between page migration and bitmap modification during mixed huge-page workloads. The issue occurs because the fast path of the load buddy...

7.8CVSS5.5AI score0.00126EPSS
Exploits0References144
SUSE CVE
SUSE CVE
added 2026/05/22 2:21 a.m.15 views

SUSE CVE-2026-7836

An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause limited data modification via crafted hexadecimal input...

3.1CVSS5.8AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.13 views

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016771 advisory. An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsxvalloc macro that wraps malloc. Whe...

5.5CVSS6AI score0.01693EPSS
Exploits0References4
Rows per page
Query Builder