Lucene search
+L

2992 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thermal/debugfs: Fixed two locking issues related to the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone before the...

5.5CVSS6.4AI score0.00143EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cpu: Re-enable CPU mitigations by default for !X86 architectures. Rename the configuration for x86 to CPUMITIGATIONS, define it in the generic code, and apply it to all architectures except x86. A recent commit that turned...

5.5CVSS6.8AI score0.00244EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in the Linux kernel’s EBPF verifier when handling internal data structures. Internal memory locations could be exposed to userspace. A local attacker with the permission to insert eBPF code into the kernel can exploit this vulnerability to leak internal kernel memor...

4.4CVSS6.7AI score0.00236EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel through version 5.11.x. The kernel/bpf/verifier.c file contains unwanted out-of-bounds speculation during pointer arithmetic operations, which allows for side-channel attacks that circumvent Spectre mitigations and extract sensitive information from kern...

5.5CVSS6.4AI score0.01071EPSS
Exploits0References2
nessus
nessus
added 2026/05/20 12:0 a.m.7 views

Fedora 43 : kernel (2026-3f85a4eba7)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3f85a4eba7 advisory. The 7.0.9-104/204 kernels contain a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability as well as some mitigations for PinTheft Tenable has...

5.9AI score
Exploits0References1
nessus
nessus
added 2026/05/20 12:0 a.m.11 views

Fedora 44 : kernel (2026-57965ac9f7)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-57965ac9f7 advisory. The 7.0.9-104/204 kernels contain a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability as well as some mitigations for PinTheft Tenable has...

5.9AI score
Exploits0References1
cve
cve
added 2026/05/19 11:1 a.m.26 views

CVE-2026-7860

CVE-2026-7860 describes an information-disclosure risk in Vaadin build tools: Vaadin Maven/Gradle plugins can print the full set of environment variables to build logs when a frontend build fails (non-zero exit). This can expose credentials/secrets in CI logs and artifacts. Affected ranges and fi...

5.8CVSS5.8AI score0.00117EPSS
Exploits0References2
nessus
nessus
added 2026/05/19 12:0 a.m.14 views

Fedora 44 : kernel (2026-346fbec5d5)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-346fbec5d5 advisory. The 7.0.9-102/202 stable kernel builds contain additional mitigations for new code paths in fragnesia, and a couple of other security updates without fancy...

5.9AI score
Exploits0References1
thn
thn
added 2026/05/18 1:50 p.m.25 views

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency c...

8.1CVSS6.5AI score0.0564EPSS
Exploits1
cvelist
cvelist
added 2026/05/14 7:0 p.m.39 views

CVE-2026-26062 Fleet server may terminate unexpectedly when handling certain gRPC requests

Fleet is open source device management software. Prior to version 4.81.0, Fleet contained a denial-of-service DoS issue in the gRPC Launcher PublishLogs endpoint. In affected versions, certain unexpected input values were not handled gracefully, which could cause the Fleet server process to...

8.7CVSS0.00372EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/05/13 3:31 a.m.175 views

Exploit for CVE-2017-0144

💀 EternalBlue MS17-010 Exploitation Research Controlled r...

9.3CVSS6.7AI score0.9923EPSS
Exploits55
ubuntucve
ubuntucve
added 2026/05/12 6:17 p.m.11 views

CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

7.5CVSS5.8AI score0.00201EPSS
Exploits0References2
packetstormnews
packetstormnews
added 2026/05/12 12:0 a.m.13 views

Five Attacks on X402 Agentic Payment Protocol

The x402 protocol revives the HTTP 402 Payment Required status code to enable web-native micropayments across APIs, content, and agents. It combines synchronous HTTP authorization with asynchronous blockchain settlement and introduces a cross-layer attack surface absent from conventional web and...

5.9AI score
Exploits0
ibm
ibm
added 2026/05/07 7:16 p.m.12 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in picomatch-2.3.1.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in picomatch-2.3.1.tgz Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service ReDoS...

7.5CVSS6.1AI score0.00412EPSS
Exploits0Affected Software1
githubexploit
githubexploit
added 2026/05/07 12:5 p.m.121 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — "Copy Fail" Safe Detection Script A read-o...

7.8CVSS5.9AI score0.96267EPSS
Exploits230
github
github
added 2026/05/06 4:56 p.m.13 views

Duplicate Advisory: Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8mp2-v27r-99xp. This link is maintained to preserve external references. Original Description Summary Denial-of-Service DoS vulnerability in the Mistune Markdown parser. The issue occurs when processing speciall...

5.8AI score
Exploits0References2Affected Software1
hp
hp
added 2026/05/06 12:0 a.m.26 views

Poly Clariti Manager – May 2026 Security Update

Multiple potential security vulnerabilities have been identified on Poly Clariti Manager, on-premises management platform. These vulnerabilities are related to Berkeley Internet Name Domain BIND, which is an open-source protocol. HP has released updates to mitigate the potential vulnerabilities. ...

8.6CVSS7.1AI score0.99995EPSS
Exploits2
githubexploit
githubexploit
added 2026/05/04 10:49 p.m.125 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

check-copyfail check-copyfail.sh is a read-only Bash script...

7.8CVSS6.3AI score0.96267EPSS
Exploits230
githubexploit
githubexploit
added 2026/05/04 5:58 a.m.109 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 "Copy Fail" — Safe Probe Suite !License: MIT...

7.8CVSS6.1AI score0.96267EPSS
Exploits230
githubexploit
githubexploit
added 2026/05/02 6:30 p.m.115 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-success — CVE-2026-31431 Compensating Control A defensiv...

7.8CVSS5.8AI score0.96267EPSS
Exploits230
Rows per page
Query Builder