Lucene search
K

2184 matches found

Debian CVE
Debian CVE
added yesterday4 views

CVE-2026-53340

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...

5.7AI score
Exploits0
EUVD
EUVD
added yesterday4 views

EUVD-2026-40974

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...

5.8AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 3 days ago3 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
OSV
OSV
added 3 days ago5 views

PYSEC-2026-508 Compromise of PyTorch Lightning PyPi Package Versions

Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions Published: 2026-04-30 Last Updated: 2026-05-12 Github Advisory: CVE-2026-44484 We have identified a security incident affecting certain versions of one of our PyPI packages. What happened We have determined that one or more...

9.8CVSS5.9AI score0.00392EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago6 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 3 days ago5 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 3 days ago4 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/25 6:37 p.m.6 views

gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin

A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...

6.6CVSS5.7AI score0.0015EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations. The internal registration helper function dpllxarefdpll,pinadd has been modified to reject duplicate registration attempts. Previously, if a caller attempted to register the same pin multipl...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 12:16 p.m.18 views

CVE-2026-56422

Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...

9.4CVSS0.00362EPSS
Exploits0References16
CVE
CVE
added 2026/06/22 11:43 a.m.19 views

CVE-2026-56422

CVE-2026-56422 affects MISP core controllers and models where client-controlled fields (ids and ownership/scope keys such as event_id, org_id, user_id, sharing_group_id, galaxy_cluster_uuid, organisation_uuid, etc.) were not consistently stripped or revalidated, enabling an authenticated user to ...

9.4CVSS6AI score0.00362EPSS
Exploits0References16
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes the issue of negative indexing of the buf array in pinassignmentshow, especially when getcurrentpinassignments returns 0, indicating that no compatible pin...

6.1AI score0.00173EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel before version 5.16.3, the driver/bluetooth/hciqca.c file misinterprets the return value of devmgpiodgetindexoptional. It expects the return value to be NULL in the error case, but in reality, it is an error pointer...

5.5CVSS6.6AI score0.00246EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Python-Werkzeug

Werkzeug is a comprehensive WSGI web application library. In affected versions of Werkzeug, the debugger can allow an attacker to execute code on a developer’s machine under certain circumstances. This requires the attacker to get the developer to interact with a domain and subdomain that they...

7.5CVSS6.7AI score0.03397EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mshv: Error handling in mshvregionpin has been fixed. The current error handling has two issues: Firstly, the pinuserpagesfast function may return a short pin count less than the requested count but greater than zero when it...

5.5CVSS5.6AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in opensc

A flaw was discovered in OpenSC packages that could allow for a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length PIN is passed. This issue poses a security risk, especially for OS...

6.6CVSS6.9AI score0.00925EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...

5.5CVSS5AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpio: wcd934x – Fixed the out-of-bounds shift error The bit mask for pins 0 to 4 is BIT0 to BIT4, but we actually ended up with BITn – 1, which is incorrect. This issue was detected by the UBSAN check. UBSAN: Out-of-bounds shi...

5.5CVSS5.9AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xen/privcmd: fixed the error exit of privcmdioctldmop The error exit of privcmdioctldmop calls unlockpages, potentially with pages being NULL, leading to a NULL dereference. Additionally, lockpages does not check whether...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: aspeed: Fixed a potential NULL dereferencing in aspeedpinmuxsetmux. pdesc could potentially be null, but still, dereferencing pdesc-name would lead to a NULL pointer access. Therefore, we moved a null check before the...

5.5CVSS6.1AI score0.00236EPSS
Exploits0References1
Rows per page
Query Builder