Lucene search
K

625 matches found

CVE
CVE
added 2026/07/06 8:9 p.m.12 views

CVE-2026-21383

CVE-2026-21383 describes a cryptographic issue in which AES-GCM key wrapping uses a static initialization vector (IV). The static IV conflicts with the requirement for a unique IV per operation, which can undermine confidentiality and integrity. The CVSS 3.1 metrics provided indicate a high impac...

7.1CVSS6AI score0.00069EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

SUSE SLES12 Security Update : opensc (SUSE-SU-2026:2678-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2678-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses...

6.8CVSS6.3AI score0.00296EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.8 views

SUSE SLES15 Security Update : opensc (SUSE-SU-2026:2657-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2657-1 advisory. This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References19
OSV
OSV
added 2026/06/26 12:25 p.m.2 views

SUSE-SU-2026:2657-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Fixed a race condition in QP timer handlers I encountered the following warning: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at rxeschedtask+0x1c8/0x238 rdmarxe, CPU0: swapper/0/0 … libsha1 last unloaded:...

7.8CVSS6.5AI score0.00102EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.14 views

PT-2026-51949

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the hisilicon/sec2 crypto component. Under heavy load during packet transmission, the hardware may complete packet processing and free the request memory...

9.8CVSS5.7AI score0.00435EPSS
Exploits0References7
CVE
CVE
added 2026/06/23 8:12 p.m.24 views

CVE-2026-47386

CVE-2026-47386 affects NocoDB’s OAuth token-exchange flow. Before 2026.05.1, two concurrent token-exchange requests could use the same OAuth authorization code to mint two valid token pairs, breaking PKCE’s single-use guarantee. The issue is mitigated by a fix in 2026.05.1, which introduces atomi...

6.3CVSS5.9AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2026/06/16 9:44 a.m.3 views

SUSE-SU-2026:22139-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation bsc1267246. - CVE-2026-40528: stack and heap buffer overrun in the dokeyvalue function due to missing length check allows for memory corrupti...

7.8CVSS5.8AI score0.00296EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/15 5:15 p.m.9 views

Inefficient Algorithmic Complexity

Overview js-yaml is a human-friendly data serialization language. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the storeMappingPair function in loader.js when handling repeated aliases in merge sequences. An attacker can exhaust CPU resources and...

6.9CVSS5.3AI score0.00259EPSS
Exploits1References2
OSV
OSV
added 2026/06/15 8:50 a.m.3 views

SUSE-SU-2026:22103-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation bsc1267246. - CVE-2026-40528: stack and heap buffer overrun in the dokeyvalue function due to missing length check allows for memory corrupti...

7.8CVSS5.8AI score0.00296EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/03 6:51 p.m.14 views

CVE-2026-46265

A flaw was found in the Linux kernel's RDMA/hns component. When the sunrpc Sun Remote Procedure Call is in use and a reset is triggered, a workqueue dependency issue can occur during Queue Pair QP destruction. This can lead to a kernel warning related to memory reclaim, potentially causing system...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/03 3:50 p.m.46 views

CVE-2026-46265 RDMA/hns: Fix WQ_MEM_RECLAIM warning

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

7.5CVSS0.00371EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.20 views

PT-2026-46028

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/hns component where a reset triggered while using sunrpc can lead to a WQ MEM RECLAIM warning. This occurs because the hns roce irq workq workqueue lacks the ...

7.5CVSS5.8AI score0.00371EPSS
Exploits0
NVD
NVD
added 2026/05/29 1:16 p.m.17 views

CVE-2026-49323

Weak authentication between the Wireless Control Module WCM and the Engine Control Module ECM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to recover the per-vehicle ECM immobilizer secret by passively...

4.3CVSS0.00107EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:7 a.m.8 views

RDMA/hns: Fix unlocked call to hns_roce_qp_remove()

...

7.8CVSS5.4AI score0.001EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:17 a.m.12 views

SUSE CVE-2026-46112

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

5.3CVSS5.8AI score0.001EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.12 views

SUSE CVE-2026-46144

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-45910

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix race condition in QP timer handlers I encontered the following warning: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at...

7.8CVSS6.7AI score0.00102EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 10:16 a.m.10 views

CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS0.00129EPSS
Exploits0References9
OSV
OSV
added 2026/05/28 10:16 a.m.17 views

UBUNTU-CVE-2026-46144

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References8
Rows per page
Query Builder