Lucene search
K

54 matches found

CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-52995

The CVE-2026-52995 issue affects the Linux kernel’s RDS path: rds_for_each_conn_info() and rds_walk_conn_path_info() pass a caller-allocated on-stack buffer to visitors and then copy item_len bytes back to user space, potentially exposing uninitialized stack data. In particular, rds_ib_conn_info_...

6AI score0.00176EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.18 views

PT-2026-44255

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack information leak exists in the rtnl fill vfinfo function. The function declares a struct ifla vf broadcast on the stack without initialization. This structure contains a 32-byte...

9.8CVSS5.9AI score0.00491EPSS
Exploits0References366
NVD
NVD
added 2026/05/11 6:16 p.m.16 views

CVE-2026-42859

Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...

9.3CVSS0.0055EPSS
Exploits0References2
Broadcom
Broadcom
added 2026/01/27 12:0 a.m.21 views

Scan discovered multiple CVEs against glibc

Binary scan of Brocade Fabric OS identified multiple potential CVEs against glibc CVE-2020-6096 An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negativ...

8.1CVSS7.8AI score0.05223EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003654)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003654 advisory. An issue was discovered in writetptentry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dmamapsingle a...

7.5CVSS6.8AI score0.06236EPSS
Exploits0References13
GithubExploit
GithubExploit
added 2026/01/03 12:49 a.m.259 views

Exploit for Use After Free in Apple Safari

CVE-2025-43529: JavaScriptCore DFG ObjectAllocationSinkingPhas...

8.8CVSS6.6AI score0.08439EPSS
Exploits8
SUSE CVE
SUSE CVE
added 2025/12/31 12:27 a.m.3 views

SUSE CVE-2023-54235

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...

4.7CVSS6.6AI score0.00168EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.3 views

CVE-2023-54235

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...

5.8AI score0.00168EPSS
Exploits0References6
OSV
OSV
added 2025/12/30 1:16 p.m.3 views

UBUNTU-CVE-2023-54235

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...

5.7AI score0.00168EPSS
Exploits0References7
CVE
CVE
added 2025/12/30 12:11 p.m.17 views

CVE-2023-54235

CVE-2023-54235 affects the Linux kernel and describes a race in the PCI/DOE path where destroy_work_on_stack() could race with the PCI DOE worker’s work_struct going out of scope. The issue manifested as a debug object dump and warning in the DoE workqueue (pci 0000:36:00.0 DOE). The recommended ...

6.2AI score0.00168EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/29 3:30 p.m.4 views

EUVD-2025-205581

A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...

7.1AI score0.00445EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/12/16 2:15 p.m.3 views

CVE-2025-68234

In the Linux kernel, the following vulnerability has been resolved: iouring/cmdnet: fix wrong argument types for skbqueuesplice If timestamp retriving needs to be retried and the local list of SKB's already has entries, then it's spliced back into the socket queue. However, the arguments for the...

5.7AI score0.00145EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.6 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53680)

ipvs: vulnerability causes undefined behavior due to uninitialized stack access in ipvsprotocolinit, which is fixed by zeroing the on-stack buffer to prevent out-of-bound accesses. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...

5.5CVSS7.2AI score0.00224EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990081)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990081 advisory. In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel...

5.5CVSS6.6AI score0.00224EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: wifi: mt76: fix linked list corruption Never leave scheduled wcid entries on the temporary on-stack list...

5.5CVSS5.7AI score0.00134EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.2 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42093)

net/dpaa2: explicit cpumask var allocation on stack For CONFIGCPUMASKOFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.3CVSS6.7AI score0.00223EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/08 8:32 a.m.7 views

EUVD-2025-31833

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

7.5CVSS6.4AI score0.00297EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/10/02 11:43 a.m.6 views

CVE-2025-39918

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: fix linked list corruption Never leave scheduled wcid entries on the temporary on-stack list...

7CVSS6AI score0.00134EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/10/01 11:22 p.m.5 views

SUSE CVE-2025-39918

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: fix linked list corruption Never leave scheduled wcid entries on the temporary on-stack list...

4.3CVSS6.6AI score0.00134EPSS
Exploits0References11
NVD
NVD
added 2025/10/01 8:15 a.m.5 views

CVE-2025-39918

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: fix linked list corruption Never leave scheduled wcid entries on the temporary on-stack list...

5.5CVSS0.00134EPSS
Exploits0References3
Rows per page
Query Builder