Lucene search
K

186 matches found

OSV
OSV
added 2026/07/02 8:26 p.m.2 views

GHSA-63WG-WJJJ-7CP8 Zebra Address Book Aborted by IPv4-Mapped Mempool Misbehavior Update

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node listens on the default :: address on a Linux host the standard deployment configuration — net.ipv6.bindv6only=0 is the default on all common Linux distributions. 3. Your node is synced near the chain tip...

7.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/07/02 8:12 p.m.2 views

GHSA-65JJ-FMW8-468Q zebrad has unbounded memory leak in mempool download pipeline via timeout path cancel_handles retention

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listenaddr is set, which is the default. 3. Your node's mempool is active node is synced near the chain tip. All default configurations are affected. Summary The...

5.3CVSS5.7AI score
Exploits0References4
OSV
OSV
added 2026/07/02 7:39 p.m.3 views

GHSA-4FC2-H7JH-287C zebrad has mempool transaction admission denial via single-peer inbound queue saturation

Am I affected You are affected if: 1. You run zebrad up to and including v4.4.1. 2. Your node accepts inbound P2P connections network.listenaddr is set, which is the default. 3. Your node's mempool is active node is synced near the chain tip. All default configurations are affected. Summary A...

5.3CVSS5.7AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/06/26 12:0 a.m.2 views

The vulnerability of the mm/mempool module in Linux operating systems allows a hacker to cause a service failure or memory corruption.

The vulnerability of the mm/mempool module in Linux operating systems is related to access to a buffer with an incorrect length value. Exploiting this vulnerability can allow an attacker to cause service failures or memory corruption...

7.1CVSS6.2AI score0.00156EPSS
Exploits0References13Affected Software6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix for a random warning message when loading drivers Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing it up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

7.8CVSS6AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: fixed a small mempool leak in SMB2negotiate. In some cases of failures dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO. Instead, it should return rc = -EIO and then jump to negex...

5.5CVSS6.2AI score0.00149EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.14 views

CVE-2026-34064

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

8.2CVSS5.4AI score0.00275EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: fixed the mempool allocation size. The maximum size was converted to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. This result is used to determine how many PRP Lists a...

6.1AI score0.00206EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempoolalloc In situations with low memory availability, allow the NFS writeback code to fail without getting stuck in infinite loops in mempoolalloc...

5.5CVSS6.2AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: dm: fixed a NULL pointer race issue when completing IO operations. The dmiodecpending function calls endioacct first, and then decreases the number of pending DMA operations. However, if a task swaps the DM table at the same...

4.7CVSS6AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/mempool: Fixed the issue where poisoning operations affected pages with an order greater than 0 using HIGHMEM. The kernel test reported the following issues: - BUG: Unable to handle page faults for address: fffba000. - PF:...

6.2AI score0.00156EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: md: fixed a crash in mempoolfree There is a crash in mempoolfree when running the lvm test using shell/lvchange-rebuild-raid.sh. The reason for the crash is as follows: - superwritten calls atomicdecandtest&mddev-pendingwrites an...

5.5CVSS6.1AI score0.0015EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/22 7:43 p.m.5 views

CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

5.3CVSS5.7AI score0.00275EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/22 7:43 p.m.28 views

CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic

nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...

5.3CVSS0.00275EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/04/22 7:23 p.m.9 views

nimiq-block-production (>=0.1.0 <=0.2.0), nimiq-client (>=0.1.0 <=0.2.0) +6 more potentially affected by CVE-2026-34066 via nimiq-blockchain (>=0.1.0 <=0.2.0)

nimiq-blockchain CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-34066 Source advisory: OSV:GHSA-J99G-7RQW-Q9JG...

5.3CVSS5.8AI score0.00242EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 7:13 p.m.11 views

nimiq-accounts (>=0.1.0 <=0.2.0), nimiq-block-production (>=0.1.0 <=0.2.0) +11 more potentially affected by CVE-2026-33471 via nimiq-block (>=0.1.0 <=0.2.0)

nimiq-block CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-33471 Source advisory: OSV:GHSA-6973-8887-87FF...

9.6CVSS5.8AI score0.00217EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013704 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor...

6AI score0.00206EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013683 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets...

5.9AI score0.00225EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/21 7:18 p.m.2 views

CVE-2026-40880 Zebra: Cached Mempool Verification Bypasses Consensus Rules for Ahead-of-Tip Blocks

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and zebra-consensus version 5.0.2, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid for height H+1 bu...

7.2CVSS5.8AI score0.00261EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011263)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011263 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor...

5.7AI score0.00206EPSS
Exploits0References4
Rows per page
Query Builder