Lucene search
K

2133 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: “pipe: wakeup wrwait after setting maxusage” The commit c73be61cede5 “pipe: Add general notification queue support” introduced a regression that could cause pipes with resized sizes to become locked under certain conditions. See...

7CVSS5.4AI score0.00255EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Fixed a bug in the pipe direction for control transfers. The syzbot fuzzer reported a minor bug in the usbtmc driver: usb 5-1: The BOGUS control direction, pipe 80001e80, does not match bRequestType 0. WARNING: CPU: ...

7.8CVSS6AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fuse: We are returning to using readaheadfolio for readahead. In commit 3eab9d7bc2f4 “fuse: converting readahead to use folio”, the logic was changed to use the new folio version of readahead. This removes the reference to the...

7.8CVSS5.8AI score0.00198EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: watchqueue: fix pipe accounting mismatch Currently, watchqueuesetsize modifies the pipe buffers allocated to user-pipebufs, without updating the pipe-nraccounted value on the pipe itself. This occurs due to the if...

5.5CVSS6.2AI score0.00174EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: enable basic endpoint checking Syzkaller reports that he encountered a common issue during the URB submission phase, where a wrong USB endpoint type was used. This triggered a warning as follows: For now,...

5.5CVSS6.2AI score0.00191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: phonet/pep: refusal to enable an unbound pipe The ioctl function implicitly assumed that the socket was already bound to a valid local socket name, i.e., a Phonet object. If the socket was not bound, two problems would occur: 1 W...

5.5CVSS5.3AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: Always use ONONBLOCK for read/write operations. The syzbot report indicates that tasks become hung at p9fdclose, due to p9muxpollstop. This occurs because p9connDestroy fails to interrupt kernelread/kernelwrite that...

5.5CVSS6.2AI score0.00166EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/19 5:22 p.m.16 views

CVE-2026-32134 NanoMQ: NULL Pointer Dereference Crash in tcptran_pipe_peer During Session Restore

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

5.9CVSS5.7AI score0.00401EPSS
Exploits0References4
NVD
NVD
added 2026/05/19 4:16 a.m.15 views

CVE-2026-22069

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00106EPSS
Exploits0
EUVD
EUVD
added 2026/05/19 2:47 a.m.14 views

EUVD-2026-30825

A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...

7.3CVSS5.8AI score0.00106EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/19 2:47 a.m.7 views

CVE-2026-22069

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00106EPSS
Exploits0References2
CVE
CVE
added 2026/05/19 2:47 a.m.24 views

CVE-2026-22069

OPPO O+ Connect contains a local privilege escalation vulnerability due to failure to validate the caller’s identity on the pipe interface. Root cause: improper caller authentication on the inter-process pipe. Affected component: O+ Connect (local privilege escalation). Exploitation details are n...

5.8AI score0.00106EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/19 2:47 a.m.42 views

CVE-2026-22069

...

0.00106EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/19 2:47 a.m.17 views

CVE-2026-22069

...

5.8AI score0.00106EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-41813

A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...

7.3CVSS5.8AI score0.00106EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.11 views

Botan C++ Crypto Algorithms Library 3.12.0

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

5.8AI score0.00324EPSS
Exploits0
EUVD
EUVD
added 2026/05/16 1:37 p.m.15 views

EUVD-2026-30672

Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

5.8AI score0.00306EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/05/14 7:16 a.m.15 views

WPS Office improper access restriction to its named pipe

Overview WPS Office provided by WPS SOFTWARE PTE. LTD. contains a service program running background and providing certain functionalities to the other programs. This service program uses a named pipe to communicate with the other programs. The named pipe above is not properly protected and any...

7.8CVSS7.3AI score0.00336EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.9 views

PT-2026-40844

Name of the Vulnerable Software and Affected Versions Argo CD versions prior to 3.2.12 Argo CD versions prior to 3.3.10 Argo CD versions prior to 3.4.2 Description A stored cross-site scripting XSS issue exists in the application Summary tab. A user with application write access developer role ca...

7.3CVSS5.9AI score0.00037EPSS
Exploits0References156
RedHat Linux
RedHat Linux
added 2026/05/11 7:8 a.m.12 views

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

7.5CVSS7.2AI score0.00585EPSS
Exploits1References12
Rows per page
Query Builder