Lucene search
K

271 matches found

NVD
NVD
added 2026/01/13 4:16 p.m.14 views

CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

7.8CVSS0.0012EPSS
Exploits0References7
OSV
OSV
added 2026/01/13 4:16 p.m.9 views

AZL-74309 CVE-2025-71078 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

7.8CVSS5.6AI score0.0012EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References36
OSV
OSV
added 2026/01/13 4:16 p.m.4 views

UBUNTU-CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References38
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:34 p.m.4 views

CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

5.3AI score0.0012EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/01/13 3:34 p.m.24 views

CVE-2025-71078 powerpc/64s/slb: Fix SLB multihit issue during SLB preload

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

0.0012EPSS
Exploits0References7
CVE
CVE
added 2026/01/13 3:34 p.m.18 views

CVE-2025-71078

CVE-2025-71078 describes a Linux kernel fix for a SLB multihit issue on hash MMU POWERPC 64s. The root cause is a mismatch between the hardware SLB and the software preload cache when the kernel optimizes switch_mm_irqs_off by not calling switch_mmu_context() if prev and next mm_struct are the sa...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/01/13 3:34 p.m.5 views

CVE-2025-71078 powerpc/64s/slb: Fix SLB multihit issue during SLB preload

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

7.8CVSS6.2AI score0.0012EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.5 views

PT-2026-2599

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the powerpc/64s/slb subsystem related to the SLB preload cache on systems utilizing a hash MMU. Specifically, inconsistencies can arise between the...

7.8CVSS5.4AI score0.0012EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-71078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded...

7.8CVSS7.1AI score0.0012EPSS
Exploits0References4
OSV
OSV
added 2026/01/07 10:15 p.m.1 views

DEBIAN-CVE-2026-21441

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

7.5CVSS6.7AI score0.02667EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 10:15 p.m.8 views

AZL-73734 CVE-2026-21441 affecting package python-urllib3 for versions less than 1.26.19-3

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS6.7AI score0.02667EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/07 10:9 p.m.25 views

CVE-2026-21441 urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS0.02667EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/07 10:9 p.m.8 views

CVE-2026-21441 urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS6.1AI score0.02667EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.6 views

PT-2026-2060

Name of the Vulnerable Software and Affected Versions urllib3 versions 1.22 through 2.6.2 Description urllib3 is a Python HTTP client library. Its streaming API is designed for efficient handling of large HTTP responses by reading content in chunks. The library decompresses content based on the...

8.9CVSS6.5AI score0.02667EPSS
Exploits0References268
OSV
OSV
added 2025/12/11 9:47 p.m.5 views

CVE-2025-66446 MaxKB has a Python sandbox LD_PRELOAD bypass

MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0...

8.8CVSS6.9AI score0.00306EPSS
Exploits0References4
CVE
CVE
added 2025/12/11 9:47 p.m.12 views

CVE-2025-66446

MaxKB (enterprise AI assistant) versions 2.3.1 and earlier are affected by improper file permissions that allow overwriting the built-in dynamic linker and other critical files, potentially enabling privilege escalation. The issue is fixed in version 2.4.0. Affected component: file permissions go...

8.8CVSS6.5AI score0.00306EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/12/11 9:47 p.m.21 views

CVE-2025-66446 MaxKB has a Python sandbox LD_PRELOAD bypass

MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0...

8.8CVSS0.00306EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/04 3:36 p.m.6 views

CVE-2025-13401

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "createimgpreloadtag" function...

6.4CVSS5AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2025/12/03 2:15 p.m.8 views

CVE-2025-13401

The Autoptimize plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the LCP Image to preload metabox in all versions up to, and including, 3.1.13 due to insufficient input sanitization and output escaping on user-supplied image attributes in the "createimgpreloadtag" function...

6.4CVSS0.00271EPSS
Exploits0References2
Rows per page
Query Builder