Lucene search
K

378 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 6:40 p.m.18 views

CVE-2026-46066

A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service DoS for the...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: condresched was added to getswappages. A softlockup still occurs in getswappages under memory pressure. With 64 CPU cores, 64GB of memory, and 28 zram devices, the size of each zram device is 50MB, and they all have...

5.5CVSS5.9AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in mbedtls

Mbed TLS versions before 3.0.1 have a double-free error under certain out-of-memory conditions, as demonstrated by a failure in the mbedtlssslsetsession function...

9.8CVSS8.3AI score0.02569EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: zsmalloc: The LRU update function has been moved from zsmapobject to zsmalloc. Under memory pressure, we sometimes observe the following crashes: 5694.832838 ------------ Cut here 5694.842093 Listdel corruption;...

5.9AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Failure to set the dormant flag on the hook register We need to set the dormant flag again if we fail to register the hooks. During memory pressure, hook registration may fail, resulting in a table being...

5.5CVSS5.3AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: igb: Do not free qvector unless a new one was allocated. Avoid potential use-after-free conditions under memory pressure. If kzalloc fails, qvector will be freed, but it will remain in the original adapter-qvectorvidx array...

7.8CVSS6.2AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: The crash occurred when performing a pressure test on mptcp. The following error occurred: dstrelease: dst: ffffa06ce6e5c058 refcnt: -1 The kernel attempted to execute a NX-protected page – an attempt to exploit a...

5.5CVSS5.5AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Proper handling of extreme memory squeeze situations Testing with iperf3 using the “pasta” protocol splicer revealed a problem with how TCP handles window advertisement in extreme memory squeeze situations. Under memory...

5.5CVSS6.4AI score0.00141EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A use-after-free condition affected the creation of TLS sockets when memory pressure was present. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS7.3AI score0.01092EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: server: Fixed a leak in activenumconn when there is a failure in transport allocation. The commit 77ffbcac4e56 “smb: server: fixed the leak in activenumconn in ksmbdtcpnewconnection” addresses the failure path in kthreadrun...

7.5CVSS6AI score0.00542EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/05/18 7:42 a.m.23 views

Security update for python3

This update for python3 fixes the following issue: CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed bsc1261970. CVE-2026-4786: URLs prefixe...

9.1CVSS7.4AI score0.00579EPSS
Exploits1References20
OSV
OSV
added 2026/05/18 7:41 a.m.6 views

SUSE-SU-2026:1937-1 Security update for python3

This update for python3 fixes the following issue: - CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969. - CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed bsc1261970. - CVE-2026-4786: URLs...

9.1CVSS7.3AI score0.00579EPSS
Exploits1References11
EUVD
EUVD
added 2026/05/13 6:30 p.m.25 views

EUVD-2026-29890

An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...

7.1CVSS5.8AI score0.00258EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:5 a.m.11 views

CVE-2026-8199

An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...

7.1CVSS5.8AI score0.00258EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.19 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2026:1715-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1715-1 advisory. - CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined...

9.1CVSS6.9AI score0.00621EPSS
Exploits1References31
RedhatCVE
RedhatCVE
added 2026/05/09 1:45 a.m.15 views

CVE-2026-43469

A flaw was found in the Linux kernel's xprtrdma component. This vulnerability occurs when the rpcrdmapostrecvs function fails to create a work request or exits prematurely, leading to the rereceiving counter not being decremented. This improper resource handling can cause the system to hang...

7.5CVSS5.8AI score0.0038EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/08 2:19 a.m.14 views

SUSE CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References3
NVD
NVD
added 2026/05/07 4:16 a.m.16 views

CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

7.5CVSS0.00337EPSS
Exploits0References4
OSV
OSV
added 2026/05/07 4:16 a.m.13 views

UBUNTU-CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

7.5CVSS5.8AI score0.00337EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/07 3:9 a.m.16 views

CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

3.7CVSS5.8AI score0.00337EPSS
Exploits0References4
Rows per page
Query Builder