Lucene search
+L

66 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:59 a.m.8 views

CVE-2026-53271

A flaw was found in the ksmbd component of the Linux kernel. A remote attacker could exploit a NULL-dereference vulnerability in the oplock/lease break notifiers. This occurs because opinfo-conn is read without proper checks, allowing a concurrent Server Message Block SMB2 LOGOFF to set op-conn t...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:7 a.m.6 views

SUSE CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.8AI score0.00119EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.5CVSS5.6AI score0.00119EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.8 views

CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.6AI score0.00119EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.10 views

EUVD-2026-39222

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.7AI score0.00119EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53271 ksmbd: fix NULL-deref of opinfo->conn in oplock/lease break notifiers

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.29 views

PT-2026-44236

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 shadow paging mechanism. The shadow MMU calculates Guest Frame Numbers GFNs for direct shadow pages by adding the SPTE index to sp-gfn. This...

8.8CVSS5.9AI score0.00126EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: Use cpuhpstateremoveinstancenocalls instead of cpuhpstateremoveinstance so that the notifications do not execute after the PMU device has been unregistered. When tearing down a ‘hisihns3’ PMU, we mistakenly ra...

5.5CVSS6.1AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hwmon: coretemp Simplified platform device handling Coretemp’s platform driver is unconventional. All the actual processing is performed globally by the initcall and CPU hotplug notifiers. The “driver” essentially just wraps t...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take the RTNL lock when necessary before calling xdpsetfeatures. The RTNL lock should be held when calling xdpsetfeatures with a registered netdev, as this call triggers the netdev notifiers. This could occur, for...

5.5CVSS6.2AI score0.00168EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013523 advisory. In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, t...

7.8CVSS6.9AI score0.00241EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.12 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011048 advisory. In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, t...

7.8CVSS6.5AI score0.00241EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013221)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013221 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses failiommusetup registers the...

5.6AI score0.00204EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38358

Improper neutralization of input during web page generation leaves the Eyes of Network web application vulnerable to cross-site scripting attacks at /module/adminnotifiers/rules.php and /module/reportevent/indext.php via the parameters rulenotification, rulename, and rulenameold, and at...

6.1CVSS6.3AI score0.00529EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/12/25 12:55 a.m.5 views

SUSE CVE-2023-54095

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses failiommusetup registers the failiommubusnotifier struct to both PCI and VIO buses. struct notifierblock is a linked list node, so this causes any notifiers later...

5.5CVSS6.5AI score0.00204EPSS
Exploits0References23
NVD
NVD
added 2025/12/24 1:16 p.m.7 views

CVE-2023-54095

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses failiommusetup registers the failiommubusnotifier struct to both PCI and VIO buses. struct notifierblock is a linked list node, so this causes any notifiers later...

0.00204EPSS
Exploits0References9
OSV
OSV
added 2025/12/24 1:16 p.m.6 views

UBUNTU-CVE-2023-54095

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses failiommusetup registers the failiommubusnotifier struct to both PCI and VIO buses. struct notifierblock is a linked list node, so this causes any notifiers later...

5.7AI score0.00204EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/12/24 1:6 p.m.33 views

CVE-2023-54095 powerpc/iommu: Fix notifiers being shared by PCI and VIO buses

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses failiommusetup registers the failiommubusnotifier struct to both PCI and VIO buses. struct notifierblock is a linked list node, so this causes any notifiers later...

0.00204EPSS
Exploits0References9
Snyk
Snyk
added 2025/10/09 11:54 p.m.5 views

Malicious Package

Overview js-notifiers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/09 11:54 p.m.3 views

EUVD-2025-33625

Malicious code in js-notifiers npm...

6.6AI score
Exploits0References1
Rows per page
Query Builder