Lucene search
K

22 matches found

NVD
NVD
•added 2026/06/24 5:17 p.m.•5 views

CVE-2026-53031

In the Linux kernel, the following vulnerability has been resolved: bpf: Validate nodeid in arenaallocpages arenaallocpages accepts a plain int nodeid and forwards it through the entire allocation chain without any bounds checking. Validate nodeid before passing it down the allocation chain in...

7.8CVSS0.00128EPSS
Exploits0References4
OSV
OSV
•added 2026/06/24 4:29 p.m.•1 views

CVE-2026-53031 bpf: Validate node_id in arena_alloc_pages()

In the Linux kernel, the following vulnerability has been resolved: bpf: Validate nodeid in arenaallocpages arenaallocpages accepts a plain int nodeid and forwards it through the entire allocation chain without any bounds checking. Validate nodeid before passing it down the allocation chain in...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References7
AstraLinux
AstraLinux
•added 2026/05/20 5:53 a.m.•6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of clearing dirty inodes in f2fsevictinode. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is as follows: Kernel BUG at fs/f2fs/inode.c: 825! Call...

5.5CVSS5.9AI score0.00247EPSS
Exploits0References2
CNNVD
CNNVD
•added 2026/05/06 12:0 a.m.•13 views

Linux kernel å®‰å…Øę¼ę“ž

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the CNID counting check used in the HFS file system. This bug can trigger errors when the MDB is...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2026/04/30 1:16 p.m.•8 views

CVE-2025-14576

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

9.3CVSS6AI score0.00224EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/04/30 12:39 p.m.•32 views

CVE-2025-14576 Possible QML code injection in VectorImage component

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

9.3CVSS0.00224EPSS
Exploits0References1
Github Security Blog
Github Security Blog
•added 2026/03/02 10:29 p.m.•10 views

OpenClaw: Node exec approvals could be replayed across nodes

Summary exec.approval requests for host=node were not explicitly bound to the target nodeId, so an approval intended for one node could be replayed for a different node under the same operator-controlled gateway fleet. Impact An operator approval for a system.run request could be reused across...

6.1AI score
Exploits0References3Affected Software1
CNNVD
CNNVD
•added 2026/02/06 12:0 a.m.•7 views

free5GC å®‰å…Øę¼ę“ž

Free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of Free5GC 4.1.0 and earlier contain security vulnerabilities, which stem from incorrect operations on the ResolveNodeIdToIp function in the internal/sbi/processor/datapath.go file. These vulnerabilities may...

7.5CVSS6.1AI score0.00499EPSS
Exploits1References7
OSV
OSV
•added 2026/01/20 12:17 p.m.•8 views

CLSA-2026-1768911433 python3.11: Fix of CVE-2025-12084

CVE-2025-12084: fix denial-of-service by removing quadratic behavior in xml.dom.minidom node ID cache clearing when building deeply nested documents...

6.3CVSS5.8AI score0.00708EPSS
Exploits0References1
AstraLinux
AstraLinux
•added 2026/01/13 2:1 p.m.•3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of detecting potentially corrupted nid entries in freenidlist. According to reports, the disk-related footer.ino and footer.nid files are identical and outside the acceptable range. Therefore, we need to add...

5.7AI score0.00171EPSS
Exploits0References3
Cvelist
Cvelist
•added 2025/12/18 12:0 a.m.•28 views

CVE-2025-65563

A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...

0.00369EPSS
Exploits1References2
OSV
OSV
•added 2025/12/18 12:0 a.m.•6 views

CVE-2025-65563

A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...

7.5CVSS6.7AI score0.00369EPSS
Exploits1References4
OSV
OSV
•added 2025/12/16 4:16 p.m.•4 views

UBUNTU-CVE-2025-68315

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in freenidlist As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on f2fsallocnid to detect any potential corruption in freenidlist...

5.7AI score0.00171EPSS
Exploits0References21
ATTACKERKB
ATTACKERKB
•added 2025/12/16 3:39 p.m.•7 views

CVE-2025-68315

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in freenidlist As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on f2fsallocnid to detect any potential corruption in freenidlist...

5.8AI score0.00171EPSS
Exploits0References5Affected Software1
Mageia
Mageia
•added 2025/12/09 7:12 p.m.•8 views

Updated python3 packages fix security vulnerabilities

Excessive read buffering DoS in http.client. CVE-2025-13836 Out-of-memory when loading Plist. CVE-2025-13837 Quadratic complexity in node ID cache clearing. CVE-2025-12084...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
•added 2025/12/06 9:4 a.m.•6 views

Quadratic complexity in node ID cache clearing

...

6.3CVSS7AI score0.00708EPSS
Exploits0
Cvelist
Cvelist
•added 2025/12/03 6:55 p.m.•46 views

CVE-2025-12084 Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

6.3CVSS0.00708EPSS
Exploits0References14
RedhatCVE
RedhatCVE
•added 2025/05/22 8:53 p.m.•8 views

CVE-2021-31851

A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters. The malicious script is reflected unmodified into the Policy Auditor web-based interface...

6.1CVSS6.5AI score0.00793EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
•added 2025/01/15 8:15 a.m.•5 views

CVE-2024-7322

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited encrypted rejoin response is received, this change in node ID causes Denial of Service DoS. To recover from this DoS, the network must be re-established...

5.8CVSS5.7AI score0.00291EPSS
Exploits0References2Affected Software1
CNVD
CNVD
•added 2018/08/22 12:0 a.m.•4 views

Open Microscopy Environment OMERO.server Information Disclosure Vulnerability

Open Microscopy Environment OMERO.server is an open source image management platform. The platform supports a variety of image file formats , and image management , viewing and editing operations. An information disclosure vulnerability exists in Open Microscopy Environment OMERO.server versions...

7.2CVSS6.4AI score0.00345EPSS
Exploits0References1
Rows per page
Query Builder