Lucene search
K

1096 matches found

Cvelist
Cvelist
added 2026/05/01 2:14 p.m.30 views

CVE-2026-31769 gpib: fix use-after-free in IO ioctl handlers

In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the descriptor via...

7.8CVSS0.00131EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/01 2:14 p.m.3 views

CVE-2026-31769

In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the descriptor via...

7.8CVSS5.7AI score0.00131EPSS
Exploits0
CVE
CVE
added 2026/05/01 2:14 p.m.13 views

CVE-2026-31760

The CVE-2026-31760 issue affects the Linux kernel GPIB gpib: lpvo_usb driver, where the driver incorrectly retains references to USB devices during GPIB attach, causing a memory leak on disconnect. The root cause is not releasing those references after attaching, leading to resource retention. Th...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.9 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the gpib driver's use of the gpibdescriptor pointer after releasing a lock in the IO ioctl handler, which...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/27 5:20 a.m.10 views

Malicious code in bytedmlp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 747ac5ba3db3b0d1cc24dcec3ffa5c068394edf57bf11d5f28b03526a4eda95d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/04/27 5:14 a.m.8 views

MAL-2026-3088 Malicious code in bytedbackground (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab2e307770a6b144edad3254d316375ed3cdad0a56f21438b28bcc0f1a17fcb9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/27 5:9 a.m.7 views

Malicious code in bytedmem (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 410777f44f683eff2ab28c9dc499058d36f39204f834dd2040ed9b5bbf628174 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.5AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/24 12:0 a.m.9 views

Libgcrypt 1.12.2

Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers AES, DES, Blowfish, CAST5, Twofish, and Arcfour, hash algorithms MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192, MACs HMAC for all hash...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/15 12:0 a.m.5 views

RealVuln: Benchmarking Rule-Based, General-Purpose LLM, and Security-Specialized Scanners on Real-World Code

How do security scanners perform on real-world code? We present RealVuln, the first open-source benchmark comparing Rule-Based SAST, General-Purpose LLMs, and Security-Specialized scanners on 26 intentionally vulnerable Python repositories educational and Capture-The-Flag applications with 796...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/31 9:26 a.m.5 views

MAL-2026-2311 Malicious code in officepyai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 563256c9d63fdb25dd344ade9c0df9605a7b22e3fc849f2512f5366e557e562c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/25 5:4 a.m.8 views

Malicious code in sonic-platform-common (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0b7ad70e46087b1ffe41c3d0670c24c58b38e72344c958458af49a25541778b4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSV
OSV
added 2026/03/24 10:23 p.m.8 views

MAL-2026-2150 Malicious code in snooty (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f8ab89ca752c54d473b700a5521cb00a7d1d54a50debaa5be8be438c778a5f6b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
NVD
NVD
added 2026/03/24 3:16 a.m.6 views

CVE-2026-33308

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS0.00205EPSS
Exploits0References1
OSV
OSV
added 2026/03/24 3:16 a.m.16 views

UBUNTU-CVE-2026-33308

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS5.8AI score0.00205EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/24 1:36 a.m.1 views

CVE-2026-33308 mod_gnutls missing key purpose check in client certificate verification

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS5.9AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/24 1:36 a.m.25 views

CVE-2026-33308 mod_gnutls missing key purpose check in client certificate verification

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS0.00205EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/24 1:36 a.m.4 views

CVE-2026-33308

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS5.9AI score0.00205EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/24 1:36 a.m.6 views

EUVD-2026-14694

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS5.9AI score0.00205EPSS
Exploits0References1
CVE
CVE
added 2026/03/24 1:36 a.m.16 views

CVE-2026-33308

CVE-2026-33308 affects mod_gnutls, a TLS module for Apache HTTPD based on GnuTLS. Prior to 0.13.0, the client-certificate verification code did not enforce the Extended Key Usage EKU key purpose; if an attacker possessed the private key of a valid certificate from a trusted CA but intended for a ...

6.8CVSS5.9AI score0.00205EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/03/24 1:36 a.m.3 views

CVE-2026-33308 mod_gnutls missing key purpose check in client certificate verification

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0.13.0, code for client certificate verification did not check the key purpose as set in the Extended Key Usage extension. An attacker with access to the private key for a valid certificate issued by a CA trusted for TLS...

6.8CVSS5.9AI score0.00205EPSS
Exploits0References3
Rows per page
Query Builder