Lucene search
K

15111 matches found

CVE
CVE
added 2026/06/26 3:18 p.m.13 views

CVE-2026-45195

CVE-2026-45195 affects kernel software inside a Host VM that posts commands to GPU Firmware, enabling memory reads/writes outside the host kernel’s permitted range. Root cause: untrusted addresses passed to rgxfw_set_mips_fault_address in the GPU DDK may grant the firmware privileged memory acces...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/26 3:15 p.m.31 views

CVE-2026-5757 There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...

0.00551EPSS
Exploits1References2
CVE
CVE
added 2026/06/26 12:0 a.m.8 views

CVE-2026-38571

The CVE-2026-38571 case concerns the Tenda N300 F3 device (version V603), where the unauthenticated UART debug console stores WPA2 credentials in cleartext and does not require authentication for rr/wr memory read/write commands. This enables a physically proximate attacker to extract stored WPA2...

4.6CVSS6AI score0.00113EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.7 views

PT-2026-52842

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Kernel software running within a Host VM can send improper commands to the GPU Firmware. This allows the firmware to perform memory read or write operations...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.15 views

RHEL 8 : redis:6 (RHSA-2026:29817)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:29817 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:53 p.m.5 views

CVE-2026-53133

A flaw was found in the Linux kernel's RDMA/umem component. When the IOMMU Input/Output Memory Management Unit is used, a very large memory block can be split across multiple scatter-gather SG entries. During the reassembly of these split SG entries, an issue with truncation for block sizes great...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:39 p.m.12 views

CVE-2026-53229

A flaw was found in the Linux kernel's mlx5e driver. When an XDP eXpress Data Path transmission fails, the driver does not properly unmap DMA Direct Memory Access addresses or free allocated XDP frames. This oversight can lead to a continuous leak of DMA resources and XDP frames, potentially...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 11:21 p.m.5 views

kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/25 11:12 p.m.6 views

CVE-2026-52956

A flaw was found in the Linux kernel's libceph module. A remote attacker could trigger an out-of-bounds memory access in the cephxdecrypt function by sending a specially crafted message frame of type FRAMETAGAUTHREPLYMORE with a small ciphertext length. This vulnerability arises because the...

7.5CVSS6.1AI score0.00359EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:44 p.m.6 views

CVE-2026-52955

A flaw was found in the libceph component of the Linux kernel. A remote attacker could send a specially crafted CEPHMSGOSDMAP message where two internal fields, alg and b-alg, contain differing bucket algorithm values. This discrepancy can lead to an out-of-bounds memory access during processing ...

9.8CVSS5.8AI score0.00377EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.4 views

CVE-2026-52968

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine subsystem, specifically affecting s390 PCI devices. This vulnerability arises from incorrect pointer arithmetic during the indexing of the Guest Access Instruction Table GAIT, leading to out-of-bounds memory access. A local...

6.4CVSS5.8AI score0.0018EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 6:6 p.m.10 views

CVE-2026-56770

Libais 0.15 is affected by an out-of-bounds vector access in VdmStream::AddLine caused by an unchecked sentinel value used as a vector index when handling AIS sentences with empty or out-of-range sequential IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM senten...

8.7CVSS5.9AI score0.00339EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 6:2 p.m.6 views

CVE-2026-53112

A flaw was found in the Linux kernel's rtlwifi PCI driver. This vulnerability, a use-after-free, occurs when a rtlwifi wireless card is detached or fails to initialize, and a related background task is not properly shut down. This can lead to the system attempting to access memory that has alread...

5.7AI score0.00164EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 4:16 p.m.7 views

CVE-2026-57438

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...

6.6CVSS0.00093EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 2:39 p.m.30 views

CVE-2026-57438 Nokogiri: Possible Use-After-Free in XInclude Processing

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...

5.9CVSS0.00093EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 2:39 p.m.15 views

CVE-2026-57438

Nokogiri (Ruby) prior to 1.19.4 is vulnerable to a use-after-free in XInclude processing: Nokogiri::XML::Node#do_xinclude frees the xi:include node, its children, and namespaces, potentially leaving Ruby objects pointing at freed memory. This can lead to invalid memory reads/writes. The issue is ...

6.6CVSS5.9AI score0.00093EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/25 10:37 a.m.4 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.2AI score0.02995EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/25 10:37 a.m.5 views

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

8.8CVSS6.4AI score0.02995EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39190

Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory...

6.8CVSS5.8AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53159

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...

0.00172EPSS
Exploits0References7
Rows per page
Query Builder