Lucene search
K

197 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:4 a.m.6 views

netfilter: nf_queue: hold bridge skb->dev while queued

...

7.8CVSS5.8AI score0.00142EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/24 8:39 p.m.6 views

CVE-2026-52912

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because a queued bridge packet can retain a freed bridge master in its skb-dev field until it is reinjected. When the packet is later reinjected, the system attempts to use the freed bridge master, leading to a...

7.8CVSS5.8AI score0.00142EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38813

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

5.8AI score0.00307EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.29 views

CVE-2026-52945 Revert "wireguard: device: enable threaded NAPI"

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5CVSS0.00307EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52912

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

7.8CVSS5.7AI score0.00142EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer side loops checking the value using...

5.5CVSS6.4AI score0.00228EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49587

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. The software lacked a limit on the number of pipelined requests that could be queued. An attacker could exploit this b...

8.7CVSS5.9AI score0.00279EPSS
Exploits0References18
NVD
NVD
added 2026/06/12 9:16 p.m.10 views

CVE-2026-44780

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...

4.3CVSS0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 8:22 p.m.27 views

CVE-2026-44780 Discourse: Category queue reviewers can read raw incoming emails from queued posts

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...

4.3CVSS0.00189EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 8:22 p.m.8 views

CVE-2026-44780 Discourse: Category queue reviewers can read raw incoming emails from queued posts

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...

4.3CVSS5.2AI score0.00189EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:22 p.m.17 views

CVE-2026-44780

Summary of CVE-2026-44780 (Discourse) : The flaw arises in the ReviewableQueuedPostSerializer where, for posts arriving via incoming email, payload["raw_email"] was unconditionally included. This allowed category moderation group members in the review queue to access the full inbound email conten...

4.3CVSS5.2AI score0.00189EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/12 8:22 p.m.8 views

EUVD-2026-36584

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...

4.3CVSS5.2AI score0.00189EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.12 views

SUSE CVE-2026-45855

In the Linux kernel, the following vulnerability has been resolved: ata: libata-scsi: avoid Non-NCQ command starvation When a non-NCQ command is issued while NCQ commands are being executed, atascsiqcissue indicates to the SCSI layer that the command issuing should be deferred by returning...

5.9AI score0.00164EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 3:33 p.m.15 views

EUVD-2026-32321

In the Linux kernel, the following vulnerability has been resolved: ata: libata-scsi: avoid Non-NCQ command starvation When a non-NCQ command is issued while NCQ commands are being executed, atascsiqcissue indicates to the SCSI layer that the command issuing should be deferred by returning...

5.9AI score0.00164EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:15 p.m.30 views

CVE-2026-45855

The CVE-2026-45855 issue affects the Linux kernel’s libata-scsi component, where NCQ command traffic could starve non-NCQ commands in multi-queue hosts. Root cause: mixing NCQ and non-NCQ can delay non-NCQ execution when NCQ is in-flight. The fix implements forward progress for non-NCQ commands b...

5.5CVSS5.9AI score0.00164EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ata/libata-scsi module potentially causing non-NCQ command starvation under continuous load o...

5.8AI score0.00164EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.10 views

SUSE CVE-2026-43502

In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached to the sending socket. The purge path currently infers zerocopy stat...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/21 12:17 p.m.53 views

CVE-2026-43502 net/rds: handle zerocopy send cleanup before the message is queued

In the Linux kernel, the following vulnerability has been resolved: net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached to the sending socket. The purge path currently infers zerocopy stat...

7.8CVSS0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/21 12:17 p.m.27 views

CVE-2026-43502

The CVE-2026-43502 vulnerability affects the Linux kernel net/rds zerocopy send path. The root cause is incorrect cleanup logic: zerocopy ownership is determined by op_mmp_znotifier, but purge uses rm->m_rs, risking unqueued messages being cleaned up as if they owned normal payload pages. The ...

7.8CVSS5.7AI score0.00123EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a race condition between cache write completion and the setting of ALLQUEUED. When netfslib issues subrequests, these subrequests start processing immediately and may complete before we reach the end of the issuing...

4.7CVSS5.8AI score0.00087EPSS
Exploits0References2
Rows per page
Query Builder