Lucene search
K

670 matches found

OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-1015 TensorFlow vulnerable to assertion fail on MLIR empty edge names

Impact When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it crashes. cpp // We pre-allocate the array of operands and populate it using the // outputnametoposition and controloutputtoposition populated // previously. SmallVector retvalsfunc.retsize +...

5.9CVSS5.9AI score0.00547EPSS
Exploits0References8
CVE
CVE
added 2026/07/06 7:33 p.m.14 views

CVE-2026-44362

OP-TEE (trusted execution environment for Arm TrustZone) has a vulnerability in subkey rollback protection affecting versions 3.20.0 through 4.10.x; during TA loading, shdr_load_pub_key() fails to propagate subkey_version into the runtime structure, so key->version stays zero. When check_updat...

5.5CVSS6AI score0.00122EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/06 5:24 p.m.16 views

CVE-2026-41434

OP-TEE (a TEE for Arm TrustZone) has an unbounded recursion in sanitize_client_object() that can crash the PKCS#11 trusted app. Affected versions are 3.10.0 up to, but not including, 4.11.0. Version 4.11.0 contains the patch. No public workarounds are documented. This CVE affects the PKCS#11 TA a...

3.3CVSS6AI score0.00105EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/07/06 4:26 p.m.5 views

EUVD-2026-41891

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS6AI score0.00109EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 4:26 p.m.15 views

CVE-2026-40257

CVE-2026-40257 affects OP-TEE (Trusted Execution Environment) for Cortex-A with TrustZone. From versions 3.21.0 up to, but not including, 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one error that can cause a massive heap overflow, corrupting all TEE kernel me...

5.5CVSS6AI score0.00109EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/07/06 12:0 a.m.4 views

CVE-2026-38976

mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in opsuper / OPSUPER due to a missing runtime guard for top-level super...

7.5CVSS5.9AI score0.00339EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 8:55 p.m.2 views

GHSA-V8RP-6XCV-FWGH Kiwi TCMS's /init-db/ page renders and responds to requests after first use

Kiwi TCMS provides the /init-db/ page as part of its setup mechanism for administrators who prefer a browser instead of the command line. In previous versions of Kiwi TCMS this page still renders and responds to requests even after first use. Impact The /init-db/ page does not require any user...

6.9CVSS5.8AI score0.00048EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.14 views

PT-2026-55201

Name of the Vulnerable Software and Affected Versions SUSE Rancher Fleet versions prior to 0.15.2 SUSE Rancher Fleet versions prior to 0.14.6 SUSE Rancher Fleet versions prior to 0.13.11 SUSE Rancher Fleet versions prior to 0.12.15 Description Missing validation of valuesFrom references in the He...

9.9CVSS5.8AI score0.00585EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/26 7:23 a.m.11 views

CVE-2026-53169

A flaw was found in the Linux kernel's accel/ethosu driver. An unprivileged local user with access to the Direct Rendering Manager DRM device could submit a specific command NPUOPRESIZE that the driver does not properly handle. This could lead to excessive kernel log spam and, if the paniconwarn...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 9:31 a.m.5 views

EUVD-2026-39344

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Skip CSD when it has zeroed workgroups A compute shader dispatch encodes its workgroup counts in the CFG0..CFG2 registers. Kicking off a dispatch with a zero count in any of the three dimensions is invalid. First, the...

6AI score0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53139

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Skip CSD when it has zeroed workgroups A compute shader dispatch encodes its workgroup counts in the CFG0..CFG2 registers. Kicking off a dispatch with a zero count in any of the three dimensions is invalid. First, the...

5.5CVSS0.00122EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:38 a.m.13 views

CVE-2026-53169

In the Linux kernel, accel/ethosu has been fixed to reject NPU_OP_RESIZE commands from userspace. The driver previously used an unconditional WARN_ON(1) in DRM_IOCTL_ETHOSU_GEM_CREATE, enabling kernel log spam and, if panic_on_warn was set, potential DoS via a local unprivileged user. The patch r...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/24 7:14 a.m.40 views

CVE-2026-52939

CVE-2026-52939 is addressed by the Debian/Ubuntu Linux kernel fixes in the 6.1.y series. Debian LTS advisories (DLA-4671, DLA-4665) indicate linux-6.1 packages are updated to mitigate this issue, e.g., Debian 11/12 updates shipping linux-6.1 with CVE-2026-52939 included and patched versions such ...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-52142

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Command Injection occurs due to insufficient sanitization in the escape command function located at lib/rrd.php, which acts as a no-op by returning the $command unchanged. The command line constructed...

9.8CVSS5.8AI score0.01113EPSS
Exploits0References15
EUVD
EUVD
added 2026/06/09 2:27 p.m.11 views

EUVD-2026-31440

shell-quote quote does not escape newlines in object .op values...

9.2CVSS5.4AI score0.00848EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/06/03 4:45 p.m.10 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS5.8AI score0.00187EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

OP-TEE Trusted OS 安全漏洞

OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. There were security vulnerabilities in versions 4.3.0 to 4.11.0 of OP-TEE Trusted OS. These vulnerabilities stemmed from...

5.5CVSS5.4AI score0.00155EPSS
Exploits1References2
OSV
OSV
added 2026/06/01 9:27 a.m.5 views

SUSE-SU-2026:21936-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

7.8CVSS6.4AI score0.03663EPSS
Exploits17References13
OSV
OSV
added 2026/06/01 9:26 a.m.6 views

SUSE-SU-2026:21891-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

7.8CVSS6.4AI score0.03663EPSS
Exploits17References13
OSV
OSV
added 2026/06/01 9:26 a.m.6 views

SUSE-SU-2026:21939-1 Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

7.8CVSS6.4AI score0.03663EPSS
Exploits17References13
Rows per page
Query Builder