Lucene search
+L

80 matches found

attackerkb
attackerkb
added 2026/06/30 10:8 p.m.7 views

CVE-2026-56278

Flowise before 3.1.0 affected versions 3.0.13 and earlier uses a weak hardcoded default secret 'flowise' for the express-session middleware when the EXPRESSSESSIONSECRET environment variable is not set packages/server/src/enterprise/middleware/passport/index.ts. Because this default secret is...

9.3CVSS5.8AI score0.0036EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. When attempting to mount an HFS+ partition, the hfsplus filesystem driver does not correctly set the ERRNO value. This issue may lead to a NULL pointer access...

4.4CVSS5AI score0.00211EPSS
Exploits0References3
osv
osv
added 2026/06/17 7:48 p.m.4 views

CVE-2026-48817 Starlette: Arbitrary HTTP method dispatched to `HTTPEndpoint` attributes via `getattr`

Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and below, when dispatching a request, HTTPEndpoint selects the handler by lowercasing the HTTP method and looking it up as an attribute with getattr, without restricting the lookup to a known set of HTTP verbs. When an...

5.3CVSS5.9AI score0.00213EPSS
Exploits0References4
nvd
nvd
added 2026/06/08 5:16 p.m.10 views

CVE-2026-46279

In the Linux kernel, the following vulnerability has been resolved: mm/alloctag: clear codetag for pages allocated before pageext initialization Due to initialization ordering, pageext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed befor...

7.8CVSS0.00127EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/05/28 3:0 a.m.14 views

CVE-2026-45896

A flaw was found in the Linux kernel's mtdinteldg driver. This vulnerability occurs because the regions array is accessed before its size nregions is properly set, leading to an out-of-bounds memory access. A local attacker could potentially exploit this issue to cause system instability or a...

7.8CVSS5.8AI score0.00162EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a failure in setting limits during the raid1run function. As a result, registered threads are not...

5.8AI score0.00155EPSS
Exploits0References4
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...

5.5CVSS5AI score0.00236EPSS
Exploits0References2
osv
osv
added 2026/05/16 12:10 p.m.8 views

CLSA-2026-1778933429 Fix CVE(s): CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992

SECURITY UPDATE: drop usage of Module::ScanDeps to prevent LPE - debian/patches/CVE-2024-11003.patch: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003 SECURITY UPDATE: do not set PYTHONPATH environment variable to prevent a LPE - debian/patches/CVE-2024-48990.patch: do not set...

7.8CVSS7.3AI score0.19924EPSS
Exploits15References1
osv
osv
added 2026/05/08 3:16 p.m.17 views

UBUNTU-CVE-2026-43354

In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in setsampfreq Avoid division by zero when sampling frequency is unspecified...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
susecve
susecve
added 2026/05/07 2:17 a.m.14 views

SUSE CVE-2026-43137

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
euvd
euvd
added 2026/05/06 12:30 p.m.9 views

EUVD-2026-27699

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.8AI score0.00127EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/05/06 11:27 a.m.9 views

CVE-2026-43137

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References6Affected Software1
cvelist
cvelist
added 2026/05/06 11:27 a.m.33 views

CVE-2026-43137 ASoC: SOF: Intel: hda: Fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

0.00127EPSS
Exploits0References5
osv
osv
added 2026/05/06 11:27 a.m.2 views

CVE-2026-43137 ASoC: SOF: Intel: hda: Fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.12 views

PT-2026-37477

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the ASoC SOF Intel hda component. This happens when there is a mismatch between the DAI links in the machine driver and the topology, which may...

5.5CVSS5.4AI score0.00127EPSS
Exploits0
nvd
nvd
added 2026/05/01 3:16 p.m.7 views

CVE-2026-31750

In the Linux kernel, the following vulnerability has been resolved: comedi: runflags cannot determine whether to reclaim chanlist syzbot reported a memory leak 1, because commit 4e1da516debb "comedi: Add reference counting for Comedi command handling" did not consider the exceptional exit case in...

5.5CVSS0.00107EPSS
Exploits0References2
nessus
nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011321 advisory. In the Linux kernel, the following vulnerability has been resolved: devlink: report devlinkporttypewarn source device devlinkporttypewarn is scheduled for port devli...

5.8AI score0.00224EPSS
Exploits0References4
snyk
snyk
added 2026/03/07 6:44 p.m.3 views

Improper Verification of Cryptographic Signature

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the authentication process when the audience configuration option is not...

9.8CVSS5.8AI score0.00525EPSS
Exploits0References2
snyk
snyk
added 2026/03/03 2:50 p.m.4 views

Missing Encryption of Sensitive Data

Overview github.com/rancher/rancher/pkg/controllers/management/node is a complete container management platform Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the cluster creation using RKE templates with Weave CNI, where the WEAVEPASSWORD is not set,...

7.6CVSS5.8AI score0.00369EPSS
Exploits1References2
nvd
nvd
added 2026/01/26 10:16 a.m.7 views

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

9.2CVSS0.00403EPSS
Exploits0References3
Rows per page
Query Builder