Lucene search
+L

10222 matches found

NVD
NVD
added yesterday6 views

CVE-2026-62994

CoreDNS is a DNS server written in Go. From 1.9.4 until 1.14.5, a network DNS client allowed to request AXFR for a CoreDNS zone can trigger a panic when CoreDNS is configured with k8sexternal headless-service zone transfers and Kubernetes contains a headless service endpoint with no declared port...

3.7CVSS
Exploits0References4
CVE
CVE
added yesterday4 views

CVE-2026-62299

CoreDNS (rewrite plugin, edns0.go) prior to version 1.14.5 could panic when a downstream plugin returns a response with no OPT record. The code path in edns0.go dereferenced a DNS OPT without a nil check, triggered by a query matching a rewrite edns0 rule (local/nsid/subnet with set/append/replac...

5.3CVSS6.1AI score
Exploits0References4
CVE
CVE
added yesterday6 views

CVE-2026-62994

CoreDNS vulnerability CVE-2026-62994 affects the Go-based DNS server in versions 1.9.4 through 1.14.5. When a network DNS client uses AXFR for a CoreDNS zone and CoreDNS is configured with the k8s_external headless-service zone transfers feature, and Kubernetes contains a headless service endpoin...

3.7CVSS6.1AI score
Exploits0References4
Cvelist
Cvelist
added yesterday26 views

CVE-2026-62994 CoreDNS `k8s_external` headless AXFR can emit an empty transfer batch that panics the `transfer` plugin

CoreDNS is a DNS server written in Go. From 1.9.4 until 1.14.5, a network DNS client allowed to request AXFR for a CoreDNS zone can trigger a panic when CoreDNS is configured with k8sexternal headless-service zone transfers and Kubernetes contains a headless service endpoint with no declared port...

3.7CVSS
Exploits0References4
NVD
NVD
added yesterday7 views

CVE-2026-6424

Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system...

6.7CVSS0.00112EPSS
Exploits0References1
CVE
CVE
added yesterday15 views

CVE-2026-6424

Technical details on CVE-2026-6424 are not publicly available in the provided documents. No information on affected products, versions, root cause, or mitigations. Monitor for updates.

6.7CVSS6.1AI score0.00112EPSS
Exploits0References1
EUVD
EUVD
added yesterday8 views

EUVD-2026-44903

Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system...

6.7CVSS6.1AI score0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday32 views

CVE-2026-6424 Use-after-free vulnerability in ESET security products for Linux

Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system...

6.7CVSS0.00112EPSS
Exploits0References1
OSV
OSV
added 2 days ago7 views

GHSA-7GCF-G7XR-8HXJ serde_with: KeyValueMap serialization panics on empty sequence or map entries

Summary The public KeyValueMap serializer assumes that each mapped element has at least one field or item to use as the map key, but it subtracts 1 from the caller-visible length before validating that assumption. An application that serializes attacker-controlled data through serdeasas =...

5.1CVSS6.1AI score
Exploits0References5
Rockylinux
Rockylinux
added 3 days ago7 views

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7.8CVSS6.2AI score0.0014EPSS
Exploits24
OSV
OSV
added 3 days ago4 views

RLSA-2026:38491 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory leak in networking due to incorrect GRO packet handling CVE-2026-22979 kernel: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 kernel: net...

7.8CVSS6.6AI score0.0014EPSS
Exploits24References6
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43634

In Eclipse KUKSA Databroker version 0.6.1, the kuksa.val.v2.VAL/PublishValue gRPC handler fails to validate the existence of the optional datapoint field in PublishValueRequest. When a request contains a valid signalid but omits datapoint, the server directly calls unwrap on request.datapoint,...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References1
CVE
CVE
added 3 days ago12 views

CVE-2026-13699

CVE-2026-13699 affects Eclipse KUKSA Databroker 0.6.1. The gRPC handler kuksa.val.v2.VAL/PublishValue fails to validate the optional data_point in PublishValueRequest; if signal_id is valid but data_point is omitted, the code dereferences request.data_point (unwrap) and panics in the Tokio worker...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-13699

In Eclipse KUKSA Databroker version 0.6.1, the kuksa.val.v2.VAL/PublishValue gRPC handler fails to validate the existence of the optional datapoint field in PublishValueRequest. When a request contains a valid signalid but omits datapoint, the server directly calls unwrap on request.datapoint,...

4.3CVSS6.1AI score0.00237EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-57985

Name of the Vulnerable Software and Affected Versions Eclipse KUKSA Databroker version 0.6.1 Description The kuksa.val.v2.VAL/PublishValue gRPC handler fails to validate the existence of the optional data point field in PublishValueRequest. If a request includes a valid signal id but omits data...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References3
CVE
CVE
added 4 days ago25 views

CVE-2026-57433

CVE-2026-57433 affects Perl’s Storable before 3.41. A signed 32-bit item count read from an SX_HOOK record is added to one and then fed to av_extend; when the count equals I32_MAX the addition overflows to negative, causing av_extend to panic during thaw/retrieve and terminate deserialization. Mu...

9.8CVSS6.2AI score0.00345EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 4 days ago4 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS6.2AI score0.0014EPSS
Exploits24References6
AlmaLinux
AlmaLinux
added 4 days ago8 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory leak in networking due to incorrect GRO packet handling CVE-2026-22979 kernel: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 kernel: net...

7.8CVSS6.6AI score0.0014EPSS
Exploits24References12
OSV
OSV
added 4 days ago6 views

ALSA-2026:38491 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory leak in networking due to incorrect GRO packet handling CVE-2026-22979 kernel: rtmutex: Use waiter::task instead of current in removewaiter CVE-2026-43499 kernel: net...

7.8CVSS6.6AI score0.0014EPSS
Exploits24References12
NVD
NVD
added last week8 views

CVE-2026-54063

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the checkSheet function in github.com/xuri/excelize/v2 uses an attacker-controlled XML attribute value directly as the length argument to makexlsxRow, row without validating it against the Exc...

7.5CVSS0.00575EPSS
Exploits1References2
Rows per page
Query Builder