Lucene search
K

485 matches found

Snyk
Snyk
added 5 days ago3 views

Incorrect Authorization

Overview snipe/snipe-it is an asset management system built on Laravel. Affected versions of this package are vulnerable to Incorrect Authorization due to improper authorization in the legacy license checkin process. An attacker can reclaim license seats assigned to other users or assets by...

5.3CVSS6.1AI score0.00238EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42998

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the legacy single-seat license checkin flow authorizes the action with the checkout permission instead of the checkin permission, allowing a user who can assign licenses but not unassign them to directly access the old checkin...

5.3CVSS6.1AI score0.00238EPSS
Exploits0References3
CVE
CVE
added 5 days ago6 views

CVE-2026-55479

Snipe-IT before 8.6.2 contains a logic flaw in the legacy single-seat license checkin flow: the action is authorized with checkout permission instead of checkin permission, allowing a user who can assign licenses (but not unassign them) to access the old checkin endpoint and reclaim a license sea...

5.3CVSS6.1AI score0.00238EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-55479 Snipe-IT: Incorrect permission for legacy license checkin API

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the legacy single-seat license checkin flow authorizes the action with the checkout permission instead of the checkin permission, allowing a user who can assign licenses but not unassign them to directly access the old checkin...

5.3CVSS0.00238EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/01 7:52 p.m.7 views

CVE-2026-53334

A flaw was found in the Linux kernel's Data Access Monitor DAMON reclaim and Least Recently Used LRU sort mechanisms. This vulnerability arises from an incorrect assumption that a memory allocation will always succeed. If the allocation fails, a NULL pointer is dereferenced, which can lead to...

5.8AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53334

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

0.00166EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53334

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

6.2AI score0.00166EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 1:32 p.m.8 views

EUVD-2026-40968

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

6.2AI score0.00166EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.8 views

CVE-2026-53334

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

6.2AI score0.00166EPSS
Exploits0
OSV
OSV
added 2026/07/01 1:32 p.m.4 views

CVE-2026-53334 mm/damon/reclaim: handle ctx allocation failure

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

6.2AI score0.00166EPSS
Exploits0References6
CVE
CVE
added 2026/07/01 1:32 p.m.24 views

CVE-2026-53334

The CVE-2026-53334 entry concerns the Linux kernel’s DAMON subsystem (mm/damon/reclaim). Concrete details show that if damon_ctx allocations fail, code paths may dereference a NULL ctx pointer in the reclaim path, leading to a NULL dereference. The fix patches the init flow so that damon_reclaim_...

6.2AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 11:40 p.m.30 views

CVE-2026-54902

CVE-2026-54902 affects the Ruby gem Oj (Optimized JSON). In SAJ mode prior to 3.17.2, the parser’s key caching can be GC’d while the C parser still references it, causing a Use-After-Free and a segfault when a freed VALUE is accessed. The issue is fixed in version 3.17.2. Exploitation details are...

6.3CVSS5.7AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 5:41 p.m.2 views

SUSE-SU-2026:22433-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...

9.8CVSS7.4AI score0.93235EPSS
Exploits56References350
NVD
NVD
added 2026/06/24 5:17 p.m.12 views

CVE-2026-53087

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

7.5CVSS0.00376EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 4:30 p.m.7 views

EUVD-2026-38955

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

5.8AI score0.00376EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclamation The new inode function returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, allowing allocations in that address space to...

6AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed a deadlock involving nfsreleasefolio Wang Zhaolong reported a deadlock involving NFSv4.1 state recovery, waiting on kthreadd, which attempts to reclaim memory by calling nfsreleasefolio. The latter cannot proceed due t...

5.8AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed the WQMEMRECLAIM warning When sunrpc is used, if a reset occurs, our workqueue may result in the following call trace: workqueue: WQMEMRECLAIM xprtiod: xprtrdmaconnectworker rpcrdma is being flushed! WQMEMRECLAIM...

7.5CVSS5.7AI score0.00371EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm: slub: Fix the invocation of flushcpuslab and freeslab in the task context. The commit 5a836bf6b09f “mm: slub: Move the invocation of flushcpuslab and freeslab out of the IRQ context” fixes this issue by moving all invocations...

7.8CVSS6AI score0.00242EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/04 2:21 a.m.9 views

SUSE CVE-2026-46256

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

5.8AI score0.00099EPSS
Exploits0References3
Rows per page
Query Builder