Lucene search
K

120 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.7 views

CVE-2026-53018

A flaw was found in the Linux kernel's f2fs filesystem. During garbage collection, a race condition can occur when a page is moved and updated, but the system attempts to read it again from an outdated location. This can trigger a kernel bug, leading to a system crash and a denial of service DoS....

5.8AI score0.00166EPSS
Exploits0References4
OSV
OSV
added 2026/06/15 1:52 p.m.2 views

OPENSUSE-SU-2026:20986-1 Security update for perl-Crypt-SaltedHash

This update for perl-Crypt-SaltedHash fixes the following issues: Changes in perl-Crypt-SaltedHash: updated to 0.110.0 0.11 0.11 2026-05-20 14:05:07+01:00 Europe/London - Fixed metadata - Moved author tests into xt 0.10 2026-05-19 - Maintenance taken over by Robert Rothenberg - Updated the Git...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/03 7:56 p.m.14 views

EUVD-2026-34176

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL scheme of administrator-configured destination URLs before storing or issuing redirects. This allows arbitrary external URLs to be configured as redirect...

4.8CVSS5.9AI score0.00259EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/23 12:17 p.m.10 views

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

8.8CVSS5.7AI score0.00135EPSS
Exploits7References10
EUVD
EUVD
added 2026/05/23 11:44 a.m.12 views

EUVD-2026-31535

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skbtrycoalesce can attach paged frags from @from to @to. If @from has SKBFLSHAREDFRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backe...

6AI score0.03663EPSS
Exploits11References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed a double-free of blocks due to incorrect movedlen values during extent movements. In ext4moveextents, movedlen is updated only when all movements are successfully executed. It also discards preallocations for originod...

7.8CVSS6.2AI score0.00266EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fixed an underflow issue related to the realdev refcnt. An error is injected before devholdrealdev in registervlandev, and the following testcase is executed: bash ip link add dev dummy1 type dummy ip link add name...

5.5CVSS5.8AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not log conflicting inodes if it’s a directory that was moved during the current transaction. We cannot log an conflicting inode if it’s a directory that was moved from one parent directory to another parent directory...

6AI score0.00168EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/06 1:43 a.m.11 views

SUSE CVE-2026-31721

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/05/01 3:16 p.m.5 views

CVE-2026-31721

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

5.5CVSS0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 2:14 p.m.13 views

EUVD-2026-26534

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

5.5AI score0.00123EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/10 3:58 p.m.4 views

CVE-2026-35595 Vikunja Affected by Privilege Escalation via Project Reparenting

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CanUpdate check at pkg/models/projectpermissions.go:139-148 only requires CanWrite on the new parent project when changing parentprojectid. However, Vikunja's permission model uses a recursive CTE that walks up th...

8.3CVSS5.8AI score0.0029EPSS
Exploits1References4
OSV
OSV
added 2026/04/10 3:33 p.m.3 views

GHSA-2VQ4-854F-5C72 Vikunja vulnerable to Privilege Escalation via Project Reparenting

Summary A user with Write-level access to a project can escalate their permissions to Admin by moving the project under a project they own. After reparenting, the recursive permission CTE resolves ownership of the new parent as Admin on the moved project. The attacker can then delete the project,...

8.3CVSS5.8AI score0.0029EPSS
Exploits1References6
OSV
OSV
added 2026/04/03 4:16 p.m.6 views

UBUNTU-CVE-2026-23435

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.5 views

CVE-2026-28881

A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2026/02/14 5:15 p.m.3 views

UBUNTU-CVE-2026-23192

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use devput in callers to prevent UAF After linkwatchdodev calls devput to release the linkwatch reference, the device refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees an empt...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/14 1:28 a.m.5 views

CVE-2025-70956

A State Pollution vulnerability was discovered in the TON Virtual Machine TVM before v2025.04. The issue exists in the RUNVM instruction logic VmState::runchildvm, which is responsible for initializing child virtual machines. The operation moves critical resources specifically libraries and log...

7.5CVSS5.9AI score0.00455EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/01/15 9:2 a.m.5 views

btrfs: don't log conflicting inode if it's a dir moved in the current transaction

...

6.1CVSS5.4AI score0.00168EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/15 4:40 a.m.5 views

CVE-2025-68778

A data corruption flaw was found in the Linux kernel's Btrfs filesystem log replay mechanism. When a directory is moved between parent directories in the same transaction and then a file with the same name is created and synced, the log replay can create a directory with two hard links. This caus...

5.5CVSS5.3AI score0.00168EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/15 12:26 a.m.7 views

SUSE CVE-2025-68778

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't log conflicting inode if it's a dir moved in the current transaction We can't log a conflicting inode if it's a directory and it was moved from one parent directory to another parent directory in the current...

4.7CVSS6.3AI score0.00168EPSS
Exploits0References19
Rows per page
Query Builder