Lucene search
K

691 matches found

EUVD
EUVD
added 2026/06/24 7:14 a.m.9 views

EUVD-2026-38715

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

5.7AI score0.00142EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51718

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Null Pointer Dereference NPD can occur when removing a port from a Virtual Routing and Forwarding VRF instance. RCU readers using netif is l3 slave may incorrectly assume that netdev...

6AI score0.00114EPSS
Exploits0References19
Wolfi
Wolfi
added 2026/06/23 8:20 p.m.10 views

GHSA-XJVP-4FHW-GC47 vulnerabilities

Vulnerabilities for packages: podman, node-feature-discovery, cadvisor, rancher-agent, sriov-network-device-plugin, buildah, rancher, k8s-device-plugin, nvidia-container-toolkit...

6.1AI score
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...

5.5CVSS6.2AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Detaching and closing netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and closing any netdevs in UP state until the reset handling is completed. During a reset,...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: netdevsim: Avoid potential loops in nsimdevtrapreportwork. Many syzbot reports include the following trace 1. If nsimdevtrapreportwork cannot acquire the mutex, it should rearm itself at least one jiffie later. 1 Sending NMI...

5.5CVSS6.4AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.12 views

CVE-2026-50266

A flaw was found in OpenStack Neutron. A project manager can exploit this vulnerability by creating or updating a port on a shared network and setting the deviceowner to a specific value. This bypasses default access controls, allowing the project manager to obtain trusted network-service port...

6.6CVSS5.1AI score0.00262EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.13 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-8412-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8412-1 advisory. Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly...

8.2CVSS8.2AI score0.04018EPSS
Exploits10References40
NVD
NVD
added 2026/06/04 5:16 p.m.13 views

CVE-2025-67446

Improper Authentication Authentication Bypass exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authentication. By modifying the cookie value e.g., setting it to "admin", an attacker can bypass the authentication schema and gain...

9.8CVSS0.00454EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 4:18 p.m.11 views

CVE-2026-50266

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set deviceowner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECTMANAGER without...

2.2CVSS5.8AI score0.00262EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46270

In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device owner to a value that has "network:" at the beginning "network:dhcp" for example. The default port RBAC policies incorrectly included PROJECT MANAGER witho...

2.2CVSS5.8AI score0.00262EPSS
Exploits0References9
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.8 views

CVE-2026-39821 affecting package sriov-network-device-plugin for versions less than 3.7.0-6

CVE-2026-39821 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...

9.6CVSS5.8AI score0.00478EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.20 views

CVE-2026-42506 affecting package sriov-network-device-plugin for versions less than 3.7.0-6

CVE-2026-42506 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...

6.1CVSS5.8AI score0.00188EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.17 views

CVE-2026-25681 affecting package sriov-network-device-plugin for versions less than 3.7.0-6

CVE-2026-25681 affecting package sriov-network-device-plugin for versions less than 3.7.0-6. A patched version of the package is available...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/30 4:30 p.m.10 views

CVE-2026-10127

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has...

6.5CVSS6.5AI score0.01262EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/28 6:18 p.m.17 views

CVE-2026-46120

A flaw was found in the Linux kernel's ip6gre module. An unprivileged user could exploit this vulnerability by migrating a network device, causing the ip6erspanchangelink function to incorrectly handle network namespace references. This error leads to a use-after-free condition when the original...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46165 openvswitch: vport: fix self-deadlock on release of tunnel ports

In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...

0.00099EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.12 views

SUSE CVE-2026-45900

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix netdev memory leak in dpaa2caamprobe When commit 0e1a4d427f58 "crypto: caam: Unembed netdev structure in dpaa2" converted embedded netdevice to dynamically allocated pointers, it added cleanup in...

5.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.13 views

SUSE CVE-2026-45917

In the Linux kernel, the following vulnerability has been resolved: ipvs: do not keep destdst if dev is going down There is race between the netdev notifier ipvsdstevent and the code that caches dst with dev that is going down. As the FIB can be notified for the closed device after our handler...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 1:32 a.m.13 views

CVE-2026-45917

A flaw was found in the Linux kernel's IP Virtual Server IPVS component. A race condition exists between the network device notifier and the destination cache when a device is shutting down. This can lead to a leaked device reference, potentially causing system instability or a denial of service...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
Rows per page
Query Builder