Lucene search
+L

465 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.18 views

pam_usb 安全漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 contain security vulnerabilities; these vulnerabilities stem from the lack of mandatory verification of the system-side pad file, which could allow...

7.1CVSS5.8AI score0.00119EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43741

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the Linux kernel during the probe process. If the fsl,refclk-pad-mode property is not defined in the devicetree node, the refclk pad pointer is set t...

5.5AI score0.00155EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-44111

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description pam usb provides hardware authentication for Linux using ordinary removable media. Symlink attacks on the pad directory and pad files allow for authentication bypass and corruption of root files...

7.9CVSS5.8AI score0.00166EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.12 views

CVE-2026-46043

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv rxercv currently checks only that the incoming packet is at least headersizepkt bytes long before payloadsize is used. However, payloadsize subtracts both the...

9.1CVSS6.4AI score0.00514EPSS
Exploits0References27
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the refclkpad pointer in the imx8qm-hsio PHY driver being set to NULL when it is not defin...

5.8AI score0.00155EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

pam_usb 授权问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 have a vulnerability related to authorization issues. This vulnerability stems from symbolic link attacks involving the pad directory and pad files,...

7.9CVSS5.8AI score0.00166EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-44085

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusb pad compare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was als...

7.1CVSS5.9AI score0.00119EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43910

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA/rxe component where the rxe rcv function fails to properly validate the incoming packet length before calculating the payload size. The payload size calculation...

9.3CVSS6AI score0.00514EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2026-46043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv rxercv currently checks only that the incoming packet is at least headersizepkt bytes long before...

9.1CVSS6.7AI score0.00514EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43220

NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can trigger a denial of service by pasting a 5000-byte payload into the name input field within the Geom...

6.9CVSS6AI score0.00168EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.0 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biasPadEnable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...

5.5CVSS6.5AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ath9khtc: fixed uninitialized values issues Syzbot reported 2 KMSAN bugs in ath9k. All of these bugs are caused by missing field initialization. In htcconnectservice, svcmetalen and pad are not initialized. Based on the code, ...

5.5CVSS6.3AI score0.00259EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Check whether the crossbar pad is non-NULL before accessing it. When translating source streams to sink streams in the crossbar subdev mechanism, the driver attempts to locate the remote subdev connected to...

5.5CVSS5.4AI score0.00222EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/10 1:52 p.m.122 views

cybersec-hw2

cybersec-hw2 Homework 2 for Introduction to Computer Securi...

5.9AI score
Exploits0
Debian CVE
Debian CVE
added 2026/05/01 2:15 p.m.8 views

CVE-2026-43040

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTMNEWNDUSEROPT netlink message. The nduseroptms...

7.1CVSS5.7AI score0.00122EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/29 2:49 p.m.5 views

CVE-2026-7230

A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used...

5.3CVSS3.6AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/04/28 7:16 a.m.5 views

CVE-2026-7230

A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used...

5.3CVSS0.00263EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/28 5:45 a.m.5 views

CVE-2026-7230

A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used...

5.3CVSS3.9AI score0.00263EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/28 5:45 a.m.4 views

CVE-2026-7230 SourceCodester Safety Anger Pad cross site scripting

A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used...

5.3CVSS3.6AI score0.00263EPSS
Exploits0References4
CVE
CVE
added 2026/04/28 5:45 a.m.16 views

CVE-2026-7230

Affected software: SourceCodester Safety Anger Pad 1.0. Vulnerability: An unspecified function vulnerable to manipulation of the angerDisplay argument, causing cross-site scripting. Impact/consequences: Remote attacker could trigger XSS in victims’ browsers; exploit has been publicly released (pr...

5.3CVSS3.7AI score0.00263EPSS
Exploits0References4
Rows per page
Query Builder