Lucene search
+L

671 matches found

OSV
OSV
added 2026/05/20 10:16 a.m.10 views

UBUNTU-CVE-2026-44933

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / the system root in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries like /bin/bash with root privileges...

8.5CVSS5.9AI score0.00214EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drm/etnaviv: checking for the reaped mapping in etnaviviommuunmapgem. When the mapping has already been reaped, the unmap operation must be a no-op. Otherwise, we would try to remove the mapping twice, corrupting the involved dat...

5.5CVSS6.1AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/ext: Prevent calls to updatelockedrq with a NULL rq. Avoid invoking updatelockedrq when the runqueue .rq pointer is NULL in the SCXCALLOP and SCXCALLOPRET macros. Previously, calling updatelockedrqNULL with preemption enabl...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 9:57 p.m.21 views

dovecot: denial of service via specially crafted NOOP command

A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/19 4:19 p.m.15 views

dovecot: denial of service via specially crafted NOOP command

A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/19 4:19 p.m.18 views

Important: Red Hat Security Advisory: dovecot security update

An update for dovecot is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.9AI score0.0079EPSS
Exploits2References4
OSV
OSV
added 2026/05/18 8:2 a.m.8 views

SUSE-SU-2026:1959-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

8.8CVSS6.1AI score0.93235EPSS
Exploits47References11
SUSE Linux
SUSE Linux
added 2026/05/18 7:38 a.m.8 views

Security update for xen

This update for xen fixes the following issue CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

7.4CVSS5.8AI score0.00258EPSS
Exploits0References4
OSV
OSV
added 2026/05/17 5:14 p.m.9 views

SUSE-SU-2026:1908-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

7.8CVSS6.1AI score0.03663EPSS
Exploits17References7
OSV
OSV
added 2026/05/15 3:56 p.m.2 views

SUSE-SU-2026:21779-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker throu...

7.8CVSS6.8AI score0.03663EPSS
Exploits11References5
OSV
OSV
added 2026/05/15 3:54 p.m.8 views

SUSE-SU-2026:21782-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker throu...

7.8CVSS6AI score0.03663EPSS
Exploits11References5
SUSE CVE
SUSE CVE
added 2026/05/15 1:58 a.m.9 views

SUSE CVE-2026-43486

In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix setaccessflags no-op check for SMMU/ATS faults contpteptepsetaccessflags compared the gathered ptepget value against the requested entry to detect no-ops. ptepget ORs AF/dirty from all sub-PTEs in the CONT...

5.8AI score0.00114EPSS
Exploits0References3
Amazon
Amazon
added 2026/05/14 12:0 a.m.23 views

Medium: oci-add-hooks

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS7.4AI score0.00621EPSS
Exploits0
Amazon
Amazon
added 2026/05/14 12:0 a.m.23 views

Important: docker

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS7.3AI score0.08123EPSS
Exploits1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of aggregate values in the contpteptepsetaccessflags function when detecting no operation...

5.8AI score0.00114EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40778

Name of the Vulnerable Software and Affected Versions AMD Zen 2-based products affected versions not specified Description Improper isolation of shared resources within the CPU operation op/µop cache on Zen 2-based products can cause incorrect instructions to be executed at a higher privilege...

7.3CVSS5.4AI score0.00258EPSS
Exploits0
EUVD
EUVD
added 2026/05/08 3:31 p.m.10 views

EUVD-2025-209749

In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically injects a reserved-memory node along with optee firmware node to...

5.8AI score0.00138EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/05 5:23 p.m.9 views

dovecot: denial of service via specially crafted NOOP command

A flaw was found in dovecot. An unauthenticated and remote attacker can send a specially crafted "NOOP" command containing numerous open and close parentheses without a command-ending line feed, causing the server to allocate an excessive amount of memory, resulting in a denial of service...

7.5CVSS5.8AI score0.00667EPSS
Exploits1References5
OSV
OSV
added 2026/05/01 6:16 p.m.5 views

UBUNTU-CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.24 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3259 (ALAS-2026-3259)

The version of golang installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3259 advisory. SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at...

9.8CVSS6.4AI score0.00658EPSS
Exploits0References20
Rows per page
Query Builder