Lucene search
+L

1154 matches found

SUSE Linux
SUSE Linux
added 6 days ago5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-53995: net: ipv4: fix one memleak in inetdelifa bsc1255616. CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype bsc1259891. CVE-2026-23451: bonding:...

9.3CVSS6.9AI score0.00574EPSS
Exploits12References260
SUSE Linux
SUSE Linux
added 2026/07/08 2:59 p.m.15 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. CVE-2025-40341: futex: Don't leak robustlist pointer on exec race bsc1255029. CVE-2025-71294:...

9.3CVSS6.9AI score0.00533EPSS
Exploits3References450
OSV
OSV
added 2026/07/06 1:11 p.m.4 views

SUSE-SU-2026:22522-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-40341: futex: Don't leak robustlist pointer on exec race bsc1255029. - CVE-2025-71294: drm/amdgpu: fix NULL pointer issue buffer funcs...

9.8CVSS7AI score0.00574EPSS
Exploits18References183
Github Security Blog
Github Security Blog
added 2026/07/01 8:45 p.m.10 views

Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer

Impact A vulnerability in Fleet for Rancher Manager affects multi-tenancy environments where different tenants share the same downstream clusters e.g., different privileged or untrusted teams inside the same organization. On unpatched versions, tenants could bypass restrictions to access any conf...

9.9CVSS5.8AI score0.00585EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/30 11:7 a.m.4 views

SUSE-SU-2026:22458-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...

9.8CVSS6.6AI score0.93235EPSS
Exploits69References350
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats...

5.5CVSS6AI score0.0009EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 8:17 p.m.10 views

CVE-2026-53323

In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...

5.5CVSS0.0009EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 7:40 p.m.24 views

CVE-2026-53301

The CVE-2026-53301 entry refers to a Linux kernel issue: reset: amlogic: t7 where missing reset operations can cause a kernel null pointer dereference. The description notes this SOC’s reset is not currently used. Connected sources indicate this is a kernel-level fix (null reset ops) with referen...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

5.8AI score0.00136EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: uacce: Implement mremap in uaccevmops to return -EPERM. The current uaccevmops does not support the mremap operation of vmoperationsstruct. Implement .mremap to return -EPERM to remind users. The reason we need to explicitly...

5.7AI score0.00177EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.22 views

PT-2026-51894

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter component of the Linux kernel, specifically within the Network Address Translation NAT subsystem. The issue stems from improper memory management when...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 5:3 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Improperly Controlled Modification of Object Prototype Attributes (CVE-2025-13465)

Summary There are vulnerabilities in lodash-4.17.21.tgz, lodash-es-4.17.21.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-13465. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are...

8.2CVSS5.3AI score0.01535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 2:11 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') (CVE-2026-2332)

Summary There are vulnerabilities in jetty-http-12.0.22.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-2332. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling...

9.1CVSS5.3AI score0.01127EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.13 views

CVE-2026-6912

Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR 165 allows remote authenticated users to escalate to deployment admin privileges and manage Cognito user accounts via a crafted UpdateUserAttributes API...

8.8CVSS5.6AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.11 views

CVE-2026-8431

An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects all MongoDB Ops Manager 7.0 versions and MongoDB Ops Manager versions 8.0.22 and prior...

9.4CVSS5.8AI score0.00371EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/02 11:20 a.m.17 views

Malicious code in po-ops-local-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d0f2e829316d0c6a04bc41fb4d187569c00c3273384b1666d3068a0e696291 [email protected] has no functional code of its own index.js contains only module.exports = ; and there are no lifecycle scripts. Its sole effe...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/02 11:20 a.m.13 views

MAL-2026-5159 Malicious code in po-ops-local-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7d0f2e829316d0c6a04bc41fb4d187569c00c3273384b1666d3068a0e696291 [email protected] has no functional code of its own index.js contains only module.exports = ; and there are no lifecycle scripts. Its sole effe...

6.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:14 p.m.10 views

CVE-2026-28586

In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.9AI score0.00064EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/01 9:14 p.m.35 views

CVE-2026-28586

In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00064EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/06/01 9:16 a.m.14 views

apache-airflow-core (>=3.2.0 <=3.2.1), apache-airflow-providers-google (=5.0.0) +10 more potentially affected by CVE-2026-41014 via apache-airflow (>=3.2.0 <=3.2.1rc3)

apache-airflow PYPI version =3.2.0, =3.2.0, =1.2.0, =13.0.2, =7.2.0, =1.18.3, =1.4.2, =2.1.1, =1.10.3, =1.41.2, =1.28.2, =5.6.2, =5.7.17 Source cves: CVE-2026-41014 Source advisory: OSV:PYSEC-2026-182...

4.3CVSS5.7AI score0.00352EPSS
Exploits0
Rows per page
Query Builder