CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

CVE•added 2026/05/27 12:15 p.m.•25 views

CVE-2026-45859

The CVE-2026-45859 entry describes a Linux kernel netfilter nfnetlink_queue issue where a shared-unconfirmed nf_conn entry is not checked before segmentation, causing UDP packets to be dropped instead of queued when F_GSO is not set and a GSO packet arrives. The regression arose due to the check ...

7.5CVSS5.8AI score0.00595EPSS

Exploits0References4

RedHat Linux•added 2026/05/20 1:3 p.m.•11 views

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS6.6AI score0.00168EPSS

Exploits0References5

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the XDPTX path. For the XDPTX action in bnxtrxxdp, clearing the event flags is incorrect. The sequence of calls bnxtpollwork - bnxtrxpkt - bnxtrxxdp may involve looping within the NAPI, and some event flags might be...

5.5AI score0.00166EPSS

Exploits0References2

RedhatCVE•added 2026/05/06 11:24 p.m.•6 views

CVE-2026-43254

A flaw was found in the Linux kernel's handling of OpenVPN ovpn TCP network traffic. This vulnerability occurs when the kernel processes multiple network packets that have been combined into a single stream. An attacker could exploit this by sending specially crafted TCP packets, leading to issue...

7.5CVSS5.8AI score0.00451EPSS

Exploits0References4

CVE•added 2026/05/05 6:19 a.m.•11 views

CVE-2026-6180

PaperCut MF/NG suffers a race condition in processing badge-swipe data from certain HP devices, under dropped/out-of-order packet conditions. The issue can cause a truncated badge ID to be registered, and in environments with custom badge-ID post-processing scripts, the truncated value may map to...

8.1CVSS5.8AI score0.00228EPSS

Exploits0References1Affected Software2

RedHat Linux•added 2026/02/12 3:15 p.m.•5 views

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

An incorrect state restoration flaw was found in the Linux kernel's RDMA rxe soft-RoCE driver in the requester packet transmission logic. A local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue eleme...

5.5CVSS7.2AI score0.00143EPSS

Exploits0References5

RedHat Linux•added 2026/01/28 3:14 p.m.•3 views

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

5.5CVSS7.2AI score0.00143EPSS

Exploits0References5

RedHat Linux•added 2026/01/28 12:33 a.m.•3 views

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

5.5CVSS7.2AI score0.00143EPSS

Exploits0References5

RedHat Linux•added 2026/01/14 12:36 a.m.•2 views

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

5.5CVSS7.2AI score0.00143EPSS

Exploits0References5

RedHat Linux•added 2026/01/14 12:13 a.m.•5 views

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

5.5CVSS7.2AI score0.00143EPSS

Exploits0References5

UbuntuCve•added 2026/01/13 4:15 p.m.•3 views

CVE-2025-68770

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix XDPTX path For XDPTX action in bnxtrxxdp, clearing of the event flags is not correct. bnxtpollwork - bnxtrxpkt - bnxtrxxdp may be looping within NAPI and some event flags may be set in earlier iterations. In particula...

5.8AI score0.00166EPSS

Exploits0References24

RedHat Linux•added 2025/12/08 3:20 a.m.•2 views

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

5.5CVSS7.2AI score0.00143EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-11236

Malicious code in bioql PyPI...

7.2AI score0.00176EPSS

Exploits0References7

Tenable Nessus•added 2025/09/14 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2025-39797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi...

7.8CVSS7.3AI score0.00147EPSS

Exploits0References4

Tenable Nessus•added 2025/09/14 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-39766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition:...

7.8CVSS7.1AI score0.00168EPSS

Exploits0References3

SUSE CVE•added 2025/09/13 11:22 p.m.•6 views

SUSE CVE-2025-39797

In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...

5.9CVSS6.8AI score0.00147EPSS

Exploits0References43

SUSE CVE•added 2025/09/12 11:24 p.m.•5 views

SUSE CVE-2025-39766

5.5CVSS6.4AI score0.00168EPSS

Exploits0References25

CVE•added 2025/09/12 3:59 p.m.•24 views

CVE-2025-39797

CVE-2025-39797 concerns the Linux kernel xfrm duplicate SPI handling. The vulnerability arises when Strongswan triggers an XFRM_NETLINK_ALLOC_SPI request, enabling xfrm_alloc_spi() to return success for an SPI already in use, causing multiple inbound SAs to share the same SPI (distinguished only ...

7.8CVSS6.3AI score0.00147EPSS

Exploits0References5Affected Software1