Lucene search
K

1288 matches found

RedHat Linux
RedHat Linux
added 2 days ago6 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS6.1AI score0.00091EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 6:20 p.m.5 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/30 9:4 a.m.9 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-6412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing. CVE-2026-6412 Note that Nessus...

4.3CVSS6AI score0.00074EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/29 6:28 p.m.7 views

Moderate: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.3CVSS7AI score0.00628EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 12:0 a.m.5 views

ALSA-2026:30845 Moderate: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: httpd:...

7.3CVSS7.1AI score0.00628EPSS
Exploits0References4
OSV
OSV
added 2026/06/27 5:16 p.m.9 views

MGASA-2026-0233 Updated krb5 packages fix security vulnerabilities

CVE-2025-3576, A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity...

7.5CVSS7.1AI score0.00501EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2026:2632-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2632-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...

9.8CVSS6.6AI score0.0053EPSS
Exploits1References91
OSV
OSV
added 2026/06/25 9:16 p.m.3 views

DEBIAN-CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

4.3CVSS5.8AI score0.00074EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 9:16 p.m.8 views

CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

4.3CVSS0.00074EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 8:38 p.m.25 views

CVE-2026-6412 Continued acceptance of SHA-1/MD5 digests in certificate processing

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

2.3CVSS0.00074EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/25 8:38 p.m.7 views

CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

4.3CVSS5.8AI score0.00074EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:38 p.m.7 views

CVE-2026-6412

Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing...

2.3CVSS5.8AI score0.00074EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 1:1 p.m.5 views

CVE-2026-42390

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation...

5.3CVSS5.8AI score0.00213EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/25 12:30 p.m.4 views

postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

8.2CVSS5.8AI score0.00558EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-53125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md: fix arraystate=clear sysfs deadlock When clear is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its...

6.2AI score0.00169EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.20 views

CVE-2026-53125

In the Linux kernel, the following vulnerability has been resolved: md: fix arraystate=clear sysfs deadlock When "clear" is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its own sysfs store method. However, mdattrstore currently drops the...

0.00169EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 4:30 p.m.4 views

CVE-2026-53125 md: fix array_state=clear sysfs deadlock

In the Linux kernel, the following vulnerability has been resolved: md: fix arraystate=clear sysfs deadlock When "clear" is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its own sysfs store method. However, mdattrstore currently drops the...

5.8AI score0.00169EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38993

In the Linux kernel, the following vulnerability has been resolved: md: fix arraystate=clear sysfs deadlock When "clear" is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its own sysfs store method. However, mdattrstore currently drops the...

5.7AI score0.00169EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 4:30 p.m.4 views

CVE-2026-53123 md: wake raid456 reshape waiters before suspend

In the Linux kernel, the following vulnerability has been resolved: md: wake raid456 reshape waiters before suspend During raid456 reshape, direct IO across the reshape position can sleep in raid5makerequest waiting for reshape progress while still holding an activeio reference. If userspace then...

5.8AI score0.00171EPSS
Exploits0References7
Rows per page
Query Builder