Lucene search
K

180 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-23104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix devlink reload call trace Commit 4da71a77fc3b ice: read internal temperature sensor introduced internal temperature sensor reading via HWMON...

5.5CVSS6.2AI score0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/23 3:24 p.m.31 views

CVE-2026-22979 net: fix memory leak in skb_segment_list for GRO packets

In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skbsegmentlist for GRO packets When skbsegmentlist is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation logic in skbsegmentlist...

0.0012EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.6 views

MiracleLinux 3 : ipsec-tools-0.6.5-8.1AXS3 (AXSA:2008-273:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2008-273:01 advisory. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon...

7.8CVSS5.4AI score0.03435EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.3 views

PT-2026-6174

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw exists in the Linux kernel's ice driver related to HWMON sysfs attribute handling. A call trace can occur when a devlink reload is used to reinitialize the device, followed by...

5.5CVSS5.5AI score0.00112EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.8 views

PT-2026-27725

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the handling of admin queues during a controller reset. Specifically, when nvme alloc admin tag set is invoked during a controller reset, a...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References164
UbuntuCve
UbuntuCve
added 2025/12/24 11:16 a.m.3 views

CVE-2025-68730

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpubounbindallbosfromcontext Don't add BO to the vdev-bolist in ivpugemcreateobject. When failure happens inside drmgemshmemcreate, the BO is not fully created and ivpugembofree callback will not be...

5.7AI score0.00155EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2025/11/20 12:23 a.m.6 views

SUSE CVE-2025-61662

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

4.9CVSS7AI score0.0019EPSS
Exploits0References19
EUVD
EUVD
added 2025/11/18 9:32 p.m.4 views

EUVD-2025-198071

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

4.9CVSS6.5AI score0.0019EPSS
Exploits0References4
OSV
OSV
added 2025/11/18 7:15 p.m.3 views

DEBIAN-CVE-2025-61662

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.4AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2025/11/18 7:15 p.m.4 views

CVE-2025-61662

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.8AI score0.0019EPSS
Exploits0References4
OSV
OSV
added 2025/11/18 7:15 p.m.7 views

AZL-70565 CVE-2025-61662 affecting package grub2 for versions less than 2.06-26

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.7AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2025/11/18 7:15 p.m.5 views

UBUNTU-CVE-2025-61662

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.8AI score0.0019EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/18 6:20 p.m.5 views

CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS6.6AI score0.0019EPSS
Exploits0References24
ATTACKERKB
ATTACKERKB
added 2025/11/18 6:20 p.m.5 views

CVE-2025-61662

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

7.8CVSS5.8AI score0.0019EPSS
Exploits0References25
CVE
CVE
added 2025/11/18 6:20 p.m.53 views

CVE-2025-61662

CVE-2025-61662 involves a Use-After-Free in GRUB2’s gettext module where the gettext command remains registered after unloading, enabling an attacker to invoke an orphaned command and crash grub (DoS). The Initial Description notes potential data integrity/confidentiality risks but provides no pa...

7.8CVSS6.6AI score0.0019EPSS
Exploits0References25Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/18 6:20 p.m.6 views

CVE-2025-61662

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

4.9CVSS6.8AI score0.0019EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.6 views

PT-2025-47380

Name of the Vulnerable Software and Affected Versions GRUB affected versions not specified Description A Use-After-Free issue exists in GRUB's gettext module. This occurs because the gettext command remains registered in memory after its module is unloaded. Exploitation involves invoking the...

7.8CVSS6.6AI score0.00386EPSS
Exploits0References122
RedhatCVE
RedhatCVE
added 2025/11/09 9:56 a.m.12 views

CVE-2025-11980

The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'deleteorphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

4.9CVSS6.5AI score0.00301EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/08 12:30 p.m.7 views

EUVD-2025-38374

The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'deleteorphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

4.9CVSS6AI score0.00301EPSS
Exploits0References5
CVE
CVE
added 2025/11/08 9:28 a.m.14 views

CVE-2025-11980

CVE-2025-11980 affects the WordPress Quick Featured Images plugin prior to 13.7.4. The vulnerability is an SQL Injection in the delete_orphaned function due to insufficient escaping and unsafe SQL construction. Exploitation requires Editor+ privileges and user interaction (an author-level user mu...

4.9CVSS6.1AI score0.00301EPSS
Exploits0References4
Rows per page
Query Builder