Lucene search
+L

2187 matches found

OSV
OSV
added 2026/05/07 3:16 p.m.19 views

USN-8257-1 linux-raspi vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

9.8CVSS6.6AI score0.00788EPSS
Exploits1References142
RedhatCVE
RedhatCVE
added 2026/05/07 8:20 a.m.14 views

CVE-2026-39849

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

8.8CVSS6.1AI score0.00956EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

XMLDOM 安全漏洞

XMLDOM is a JavaScript implementation of the W3C DOM for Node developed by jindw. Versions of XMLDOM prior to 0.9.10, 0.8.13, and xmldom 0.6.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper validation or neutralization of the PI end sequence when...

8.7CVSS5.9AI score0.00408EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 8:50 p.m.20 views

EUVD-2026-27498

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

8.7CVSS6.1AI score0.00956EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/05 8:50 p.m.8 views

CVE-2026-39849 Pi-hole FTL remote code execution via newline injection in dns.interface configuration

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

8.7CVSS6.1AI score0.00956EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/05 8:50 p.m.46 views

CVE-2026-39849 Pi-hole FTL remote code execution via newline injection in dns.interface configuration

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

8.7CVSS0.00956EPSS
Exploits1References3
OSV
OSV
added 2026/05/05 8:50 p.m.4 views

CVE-2026-39849 Pi-hole FTL remote code execution via newline injection in dns.interface configuration

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

8.7CVSS6.2AI score0.00956EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

Pi-hole 注入漏洞

Pi-hole is a web-level ad blocking application developed by Pi-hole Inc. Versions of Pi-hole prior to 6.6.1 had a injection vulnerability. This vulnerability stemmed from the lack of validation of line breaks in the dns.interface configuration field, allowing attackers to inject arbitrary command...

8.8CVSS6AI score0.00956EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.19 views

PT-2026-37240

Name of the Vulnerable Software and Affected Versions Pi-hole FTL versions prior to 6.6.1 Description The dns.interface configuration field in Pi-hole FTL accepts newline characters without validation, which allows an attacker to inject arbitrary directives into the generated dnsmasq configuratio...

8.8CVSS6AI score0.00956EPSS
Exploits1References9
Snyk
Snyk
added 2026/05/04 1:43 a.m.8 views

Malicious Package

Overview pi-exa-mcp is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 1:43 a.m.11 views

Malicious code in pi-exa-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75549c181fe30d370fa436cfe9a04d0df8fa0270b0d022bd5e69b780fc5c10ea The package pi-exa-mcp was found to contain malicious code. Source: ghsa-malware 8b7369c9538e4cea56d92cc659b74b1243d5fd03b619c23d32a85c21b5c8981a Any...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/04 1:43 a.m.7 views

MAL-2026-3280 Malicious code in pi-exa-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75549c181fe30d370fa436cfe9a04d0df8fa0270b0d022bd5e69b780fc5c10ea The package pi-exa-mcp was found to contain malicious code. Source: ghsa-malware 8b7369c9538e4cea56d92cc659b74b1243d5fd03b619c23d32a85c21b5c8981a Any...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/25 5:48 a.m.4 views

OESA-2026-2023 openjpeg2 security update

OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, a still-image compression standard from the Joint Photographic Experts Group JPEG. Since April 2015, it is officially recognized by ISO/IEC and ITU-T as a JPEG 2000...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/24 5:25 p.m.7 views

CVE-2026-31555

A flaw was found in the Linux kernel. A local user could exploit a race condition within the futexlockpi retry path. This vulnerability occurs because a stale pointer to an exiting process is not cleared, leading to a kernel warning. Successful exploitation of this flaw could result in a system...

5.5CVSS5.4AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/04/24 3:16 p.m.8 views

CVE-2026-31555

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...

5.5CVSS0.00129EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/04/24 2:35 p.m.36 views

CVE-2026-31555 futex: Clear stale exiting pointer in futex_lock_pi() retry path

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...

0.00129EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/04/24 2:35 p.m.5 views

CVE-2026-31555

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...

5.5CVSS5.2AI score0.00129EPSS
Exploits0
EUVD
EUVD
added 2026/04/24 2:35 p.m.18 views

EUVD-2026-25448

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...

5.4AI score0.00129EPSS
Exploits0References8
OSV
OSV
added 2026/04/24 2:35 p.m.3 views

CVE-2026-31555 futex: Clear stale exiting pointer in futex_lock_pi() retry path

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.13 views

PT-2026-34907

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the futex subsystem where the futex lock pi retry path fails to clear a stale exiting pointer. When futex lock pi atomic detects that an owner is exiting, it returns...

5.5CVSS5.8AI score0.00129EPSS
Exploits0
Rows per page
Query Builder