Lucene search
K

2129 matches found

CVE
CVE
added yesterday6 views

CVE-2026-10669

Summary (CVE-2026-10669) : On Xtensa SoCs with CONFIG_XTENSA_MPU and CONFIG_USERSPACE, arch_buffer_validate() erroneously permits access when the buffer size rounds to a wrap of the 32-bit address space, bypassing MPU checks. This can let an unprivileged user-thread validate or copy memory it sho...

7.8CVSS6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added yesterday4 views

PT-2026-60097

Name of the Vulnerable Software and Affected Versions nebula-mesh affected versions not specified Description The web handler renderMobileBundle passes a pki.CAResolver to the mobilebundle.Build function, which decrypts the CA's ed25519 private key into a pki.CAManager. However, the Build functio...

8.7CVSS6.2AI score
Exploits0References6
Metasploit
Metasploit
added 5 days ago26 views

FTP Fetch, Windows shellcode stage, Bind TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Listen for a connection No NX Module Options msf use payload/cmd/windows/ftp/x86/custom/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show options...

6.2AI score
Exploits0
OSV
OSV
added 2026/07/06 6:29 a.m.4 views

OESA-2026-2868 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: arm64: io: Extract user memory type in ioremapprot The only caller of ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passe...

7.8CVSS6AI score0.00129EPSS
Exploits0References7
Apple
Apple
added 2026/06/29 12:0 a.m.11 views

About the security content of iOS 26.5.2 and iPadOS 26.5.2

About the security content of iOS 26.5.2 and iPadOS 26.5.2 This update delivers security fixes that were first made available in the iOS 26.6 and iPadOS 26.6 betas. This document describes the security content of iOS 26.5.2 and iPadOS 26.5.2. About Apple security updates For our customers'...

9.1CVSS5.8AI score0.00371EPSS
Exploits2References1Affected Software2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Added SRCU protection for reading PDPTRs in getsregs2. Added read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigger access to guest memory: kvmpdptrread - svmcachereg - loadpdptrs ...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/22 1:43 p.m.11 views

CVE-2026-52908

A flaw was found in the Linux kernel. This vulnerability occurs during the re-registration of a Remote Direct Memory Access RDMA memory region. If the memory's access permissions are changed from read-only to read-write, the system may fail to properly update and secure the underlying user memory...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in amd64-microcode

IOMMU improperly handles certain special address ranges with invalid device table entries DTEs. This may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in SEV-SNP, potentially resulting in a loss of guest integrity...

6CVSS6.2AI score0.00174EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 5:16 p.m.15 views

CVE-2026-46309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject cohnone PAT index for CPU cached memory in madvise Add validation in xevmmadviseioctl to reject PAT indices with XECOHNONE coherency mode when applied to CPU cached memory. Using cohnone with CPU cached buffer...

7CVSS0.00125EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fmtsrc driver in the iris media driver being released during MBPF checks, potentially leading...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 12:57 p.m.2 views

CVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checks

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.9AI score0.00118EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-43921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The SELinux security model for overlayfs allows access if the current task can access the top-level user file and the mounter's credentials are sufficient for the lower-level backing fil...

7.1CVSS5.9AI score0.00118EPSS
Exploits0
NVD
NVD
added 2026/05/25 10:16 a.m.23 views

CVE-2026-9274

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...

5.2CVSS0.00125EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/25 9:19 a.m.12 views

CVE-2026-9274

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...

5.2CVSS5.8AI score0.00125EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: io: The memory type of the user is extracted in ioremapprot. The only function that calls ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passes a pgprott value determined from the use...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Correctly handling the kvmarminit failure in finalizepkvm Currently, there is no synchronization between the finalizepkvm and kvmarminit initcalls. The finalizepkvm continues to execute even if kvmarminit fails,...

5.5CVSS6AI score0.00128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: The return value from changememorycommon must be propagated. The rodata=on security measure requires that any code path that uses vmalloc or setmemoryro/setmemoryrox must also protect the linear map alias...

5.9AI score0.00158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Consider the return from setmemoryrox when using bpfjitbinarylockro. setmemoryrox may fail, leaving memory unprotected. Check the return value and bail out if bpfjitbinarylockro returns an error...

5.5CVSS6.1AI score0.00224EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2026/05/20 12:0 a.m.19 views

Unbreakable Enterprise kernel security update

5.15.0-320.202.8.4 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391447 CVE-2026-46333 5.15.0-320.202.8.3 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff Layton Orabug: 39362036 CVE-2026-31402 - net/sched: Only allow actct to bind to clsact/ingress qdiscs and...

7.1CVSS6.2AI score0.96267EPSS
Exploits262
Microsoft CVE
Microsoft CVE
added 2026/05/07 8:8 a.m.9 views

APEI/GHES: ARM processor Error: don't go past allocated memory

...

5.5CVSS5.8AI score0.00127EPSS
Exploits0
Rows per page
Query Builder