Lucene search
K

826 matches found

Nuclei
Nuclei
added 3 days ago68 views

Rebuild <= 3.5.5 - Server-Side Request Forgery

There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component. id: CVE-2024-1021 info: name: Rebuild = 3.5.5 - Server-Side Request Forgery author: BMCel severit...

9.8CVSS6.7AI score0.34955EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 3 days ago6 views

SUSE CVE-2026-53289

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM firmware update via nvmupdate64e, icevsirebuild tears down the VSI on its...

5.8AI score0.00172EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 3 days ago11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM...

5.8AI score0.00172EPSS
Exploits0References3
NVD
NVD
added 5 days ago5 views

CVE-2026-53289

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM firmware update via nvmupdate64e, icevsirebuild tears down the VSI on its...

0.00172EPSS
Exploits0References6
OSV
OSV
added 5 days ago2 views

UBUNTU-CVE-2026-53289

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM firmware update via nvmupdate64e, icevsirebuild tears down the VSI on its...

5.7AI score0.00172EPSS
Exploits0References9
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-39894

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM firmware update via nvmupdate64e, icevsirebuild tears down the VSI on its...

5.8AI score0.00172EPSS
Exploits0References6
CVE
CVE
added 5 days ago8 views

CVE-2026-53289

In the Linux kernel ice driver, CVE-2026-53289 describes a NULL pointer dereference in ice_reset_all_vfs caused by ignoring the return value of ice_vf_rebuild_vsi(). If a VSI rebuild fails (e.g., during NVM firmware update), ice_vsi_rebuild_vsi leaves txq_map/rxq_map NULL and ice_vf_post_vsi_rebu...

5.8AI score0.00172EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-52928

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the ice reset all vfs function. The issue occurs because ice reset all vfs ignores the return value of ice vf rebuild vsi. If the VSI rebuild...

5.8AI score0.00172EPSS
Exploits0References9
NVD
NVD
added last week8 views

CVE-2026-52924

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

9.8CVSS0.00265EPSS
Exploits0References11
EUVD
EUVD
added last week8 views

EUVD-2026-38727

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

5.8AI score0.00265EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

Oracle Linux 9 : libtiff (ELSA-2026-19363)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19363 advisory. 4.4.0-18 - rebuild 4.4.0-15.3 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159331 Tenable has extracted the preceding...

7.8CVSS6.7AI score0.00553EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 7:46 p.m.5 views

CVE-2026-48787

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...

8.7CVSS6.6AI score0.0047EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ice: Avoid bpfprog refcount underflow The Ice driver includes routines for managing XDP resources that are shared between the ndobpf operation and the VSI rebuild flow. The latter occurs, for example, when the user changes the...

5.5CVSS5.9AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ice: Fixed a NULL pointer dereferencing during VSI rebuild. Fixed a race condition where PTP periodic work ran while VSI was being rebuilt, potentially leading to access to NULL vsi-rxrings. The sequence was as follows: 1...

4.7CVSS5.7AI score0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.19 views

PT-2026-50608

Name of the Vulnerable Software and Affected Versions Drupal core affected versions not specified Description The rebuild.php front controller, used to clear caches and rebuild the container when a site is in an unexpected condition, fails to correctly validate the Host header against trusted hos...

5.2AI score
Exploits0References3
OSV
OSV
added 2026/06/12 12:33 a.m.6 views

OPENSUSE-SU-2026:20947-1 Security update for java-21-openj9

This update for java-21-openj9 fixes the following issues: Changes in java-21-openj9: - Make post scripts less noisy bsc1267355 - Use libalternatives instead of update-alternatives for distributions where libalternatives is available - Update to OpenJDK 21.0.11 with OpenJ9 0.59.0 virtual machine ...

9.8CVSS7AI score0.01157EPSS
Exploits2References59
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Fedora 44 : rust-sequoia-cert-store / rust-sequoia-chameleon-gnupg / etc (2026-5c5f4f40a4)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-5c5f4f40a4 advisory. - Update the sequoia-wot crate to version 0.15.2. - Update the sequoia-keystore crate to version 0.7.3. This includes a rebuild of all dependent applications...

5.6AI score
Exploits0References1
EUVD
EUVD
added 2026/06/04 5:47 p.m.9 views

EUVD-2026-34313

Froxlor is open source server administration software. Prior to version 2.3.7, the DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record...

8.8CVSS5.9AI score0.00544EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/01 10:35 p.m.10 views

kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild

A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...

4.7CVSS5.8AI score0.00106EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.13 views

PT-2026-44907

Name of the Vulnerable Software and Affected Versions Froxlor version 2.3.6 Description A symlink-following flaw exists in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to /.ssh/authorized keys within a customer-controlled home...

8.8CVSS5.9AI score0.00366EPSS
Exploits0References8
Rows per page
Query Builder