Lucene search
K

760 matches found

Snyk
Snyk
added 2026/06/19 7:34 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the group parsing process. An attacker can cause memory exhaustion and disrupt the container runtime API by supplying a maliciously crafted image that triggers unbounded parsing,...

6.9CVSS5.9AI score0.00317EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A issue was discovered in Xen through version 4.14.x. Some operating systems, such as Linux, FreeBSD, and NetBSD, process watch events using a single thread. If these events are received faster than the thread can handle them, they will be queued up. Since the queue is unbounded, a guest system m...

6.5CVSS6.5AI score0.00348EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

openSUSE 16 Security Update : polkit (openSUSE-SU-2026:20925-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20925-1 advisory. This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1...

5.5CVSS5.5AI score0.00131EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 12:11 p.m.59 views

CVE-2026-46321

Summary. CVE-2026-46321 concerns the Linux kernel tun/tap with vhost-net, where a short-frame rejection path in tun_xdp_one() can leak memory pages. Specifically, when a frame is shorter than ETH_HLEN, tun_xdp_one() returns -EINVAL without freeing the page allocated by vhost_net_build_xdp(). tun_...

7.1CVSS5.4AI score0.00129EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/06/08 4:26 p.m.4 views

SUSE-SU-2026:22054-1 Security update for polkit

This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...

5.5CVSS5.4AI score0.00131EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 4:26 p.m.3 views

SUSE-SU-2026:22090-1 Security update for polkit

This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...

5.5CVSS5.2AI score0.00131EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.11 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: DATA/RESPONSE packets are also unshared when paged fragments are present. The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb into a linear sequence before calling...

7.8CVSS6.9AI score0.92766EPSS
Exploits20References3
EUVD
EUVD
added 2026/05/27 8:56 p.m.11 views

EUVD-2026-32666

Volcano is a Kubernetes-native batch scheduling system. Prior to v1.14.2, v1.13.3, and v1.12.4, the Volcano webhook server does not enforce a size limit on incoming HTTP request bodies. Any in-cluster pod that can reach the webhook endpoint may send an arbitrarily large request body, potentially...

6.8CVSS5.8AI score0.00173EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/26 4:2 p.m.105 views

patch-to-exploit

patch-to-exploit Lab + PoC scripts for "30 minutes from patch...

9.8CVSS6.1AI score0.84631EPSS
Exploits21
Rockylinux
Rockylinux
added 2026/05/21 4:27 p.m.11 views

libtiff security update

An update is available for libtiff. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...

7.5CVSS6.8AI score0.02187EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: mm/vmalloc: fixed vmalloc, which may return null if called with GFPNOFAIL. The commit a421ef303008 "mm: allow !GFPKERNEL allocations for kvmalloc" includes support for GFPNOFAIL, but it creates a conflict with the commit...

5.5CVSS6.5AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Handling of SRCU initialization failures during page track initialization Check the return value of initsrcustruct, which may fail due to OOM conditions when initializing the page track mechanism. Lack of checking lead...

5.5CVSS5.4AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: do not move oombfqq Our test report a UAF: 2073.019181 ================================================================== 2073.019188 BUG: KASAN: use-after-free in bfqputbfqq+0xa0/0x168 2073.019191 Written a size 8...

7.8CVSS6.3AI score0.00262EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.33 views

CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

0.00126EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43398

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

5.8AI score0.00126EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/08 2:16 p.m.5 views

UBUNTU-CVE-2026-43287

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References17
OSV
OSV
added 2026/04/30 1:22 p.m.6 views

SUSE-SU-2026:21461-1 Security update for helm

This update for helm fixes the following issues: Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output...

6.5CVSS6.8AI score0.00311EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.4 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: python3 (UTSA-2026-014318)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014318 advisory. When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues Tenable has...

5.5CVSS7.1AI score0.00193EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/18 12:0 a.m.4 views

SUSE SLES12 Security Update : polkit (SUSE-SU-2026:1425-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1425-1 advisory. This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1...

5.5CVSS5.8AI score0.00131EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/13 1:40 p.m.33 views

CVE-2026-31420 bridge: mrp: reject zero test interval to avoid OOM panic

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without validation. When interval is 0, usecstojiffies0 yields 0, causing the...

0.00091EPSS
Exploits0References4
Rows per page
Query Builder