CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/05 7:30 p.m.•1 views

CVE-2026-34462

7.3CVSS6.2AI score0.00006EPSS

Exploits0References2Affected Software1

EUVD•added 2026/05/05 7:28 p.m.•3 views

EUVD-2026-27461

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGIDSBIEINIRUNSBIECTRL message is handled before normal sandbox and impersonation checks, and for non-sandbox...

7.3CVSS6.5AI score0.00006EPSS

CNNVD•added 2026/05/05 12:0 a.m.•5 views

Sandboxie-Plus 安全漏洞

Sandboxie-Plus is a sandbox isolation software developed by Sandboxie-Plus Inc. Versions of Sandboxie-Plus 1.17.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the use of wcscat to copy the server field in NamedPipeServer::OpenHandler, without verifying the...

8.8CVSS6AI score0.00006EPSS

Positive Technologies•added 2026/05/05 12:0 a.m.•4 views

PT-2026-37227

Name of the Vulnerable Software and Affected Versions Sandboxie-Plus versions prior to 1.17.3 Description The SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID SBIE INI RUN SBIE CTRL message is processed before standard sandbox and impersonation checks. For callers not...

7.8CVSS6.5AI score0.00006EPSS

Exploits0References6

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fuse: revert back to readaheadfolio for readahead In commit 3eab9d7bc2f4 "fuse: convert readahead to use folios", the logic was converted to using the new folio readahead code, which drops the reference on the folio once it is...

7.8CVSS6.5AI score0.00228EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•9 views

Astra Linux - уязвимость в linux-5.10

A flaw was discovered in the way the “flags” member of the new pipe buffer structure lacked proper initialization in the copypagetoiterpipe and pushpipe functions of the Linux kernel. As a result, these members could contain stale values. An unprivileged local user could exploit this flaw to writ...

7.8CVSS7.1AI score0.81981EPSS

Exploits99References2

5.5CVSS6.3AI score0.00022EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the null check for pipectx-planestate in resourcebuildscalingparams. A null pointer dereference issue could occur when pipectx-planestate is null. The fix adds a check to ensure that ‘pipectx-planestate’ is...

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: always use ONONBLOCK read/write syzbot is reporting hung task at p9fdclose 1, for p9muxpollstop from p9conndestroy from p9fdclose is failing to interrupt already started kernelread from p9fdread from p9readwork and/or...

5.5CVSS6.3AI score0.00051EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

A race condition was detected in the Linux kernel’s watch queue due to a missing lock in the piperesizering function. The specific flaw lies in the handling of pipe buffers. The problem arises from the lack of proper locking when performing operations on an object. This flaw allows a local user t...

7CVSS6.7AI score0.00025EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix type confusion via race condition when using ipcmsgsendrequest req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can be same and ...

8.1CVSS6.3AI score0.00019EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a memory leak in iter-temp when reading tracepipe. kmemleak reports: Unreferenced object: 0xffff88814d14e200 size 256 Comm “cat”, pid 336, jiffies 4294871818 age 779.490s Hex dump first 32 bytes: 04 00 01 03 00 00 ...

5.8AI score0.00022EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refuse to enable an unbound pipe This ioctl implicitly assumed that the socket was already bound to a valid local socket name, i.e. Phonet object. If the socket was not bound, two separate problems would occur: 1 We'd...

5.5CVSS6.2AI score0.00014EPSS

5.5CVSS6.4AI score0.00029EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: enable basic endpoint checking Syzkaller reports 1 encountering a common issue of utilizing a wrong usb endpoint type during URB submitting stage. This, in turn, triggers a warning shown below. For now, enable...

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb/server: The function ksmbdsessionrpcclose is called on the error path in the createsmb2pipe function. When the ksmbdiovpinrsp function fails, we should call ksmbdsessionrpcclose...

7.8CVSS5.7AI score0.00018EPSS

7.8CVSS6.2AI score0.00014EPSS

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check the pipe offset before setting vblank. The size of pipectx is MAXPIPES; therefore, its index must be checked before accessing the array. This fix addresses an OVERRUN issue reported by Coverity...

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers charged to user-pipebufs without updating the pipe-nraccounted on the pipe itself, due to the if !pipehaswatchqueue test in...

5.5CVSS6.3AI score0.00045EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: A NULL check was added for the “timing generator” in dcn21setpipe. In the line of code: u32 otginst = pipectx-streamres.tg-inst; The pipectx-streamres.tg might be NULL. This relies on the caller to ensure that tg...

5.5CVSS6.2AI score0.00009EPSS

7.1CVSS6.8AI score0.00017EPSS

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading tracepipe Soft lockup occurs when reading file 'tracepipe': watchdog: BUG: soft lockup - CPU6 stuck for 22s! cat:4488 ... RIP: 0010:ringbufferemptycpu+0xed/0x170 RSP: 0018:ffff88810dd6fc...

5.5CVSS6.1AI score0.00049EPSS

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: A memory leak has been fixed in tracingreadpipe. kmemleak reports this issue as follows: Unreferenced object: 0xffff888105a18900 size 128 - Command: “testprogs”, PID: 18933; Jiffies: 4336275356 age: 22801.766 seconds - H...