Lucene search
K

607 matches found

NVD
NVD
added 9 hours ago6 views

CVE-2026-57243

During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash...

6.1CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 11 hours ago4 views

CVE-2026-57243

During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash...

6.1CVSS6AI score
Exploits0References2Affected Software2
Cvelist
Cvelist
added 11 hours ago7 views

CVE-2026-57243 Foxit PDF Editor/Reader Page Out-of-bounds Read Vulnerability

During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash...

6.1CVSS
Exploits0References1
CVE
CVE
added 11 hours ago7 views

CVE-2026-57243

CVE-2026-57243 affects Foxit PDF Editor/Reader. A JavaScript reentrancy during page opening and form formatting leads to an inconsistent document status and, with outdated page information, the application accesses invalid addresses, causing a crash. Current details describe the vulnerable operat...

6.1CVSS6AI score
Exploits0References1
EUVD
EUVD
added 11 hours ago6 views

EUVD-2026-42208

During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash...

6.1CVSS6AI score
Exploits0References1
Hacker One
Hacker One
added 2026/06/25 7:56 a.m.12 views

curl: Use-after-free in `mev_forget_socket` when `curl_easy_pause()` is called from a `CURL_POLL_REMOVE` socket callback (incomplete fix of CVE-2026-9080)

Summary libcurl's event interface lets the application's socket callback CURLMOPTSOCKETFUNCTION call curleasypause. CVE-2026-9080 was issued for a use-after-free that this triggers, and the fix added a post-callback re-fetch of the socket-hash entry in the UPDATE leg mevshentryupdate,...

7.3CVSS5.8AI score0.00407EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Qemu

A reentrancy issue was discovered in the NVM Express Controller NVME emulation in QEMU. This CVE is similar to CVE-2021-3750. Just like in that case, when the reentrancy trigger the reset function nvmectrlreset, data structures will be freed, leading to a use-after-free vulnerability. A malicious...

8.2CVSS7.4AI score0.00643EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Qemu

A reentrancy issue related to DMA was discovered in the USB EHCI controller emulation of QEMU. EHCI does not verify whether the Buffer Pointer overlaps with its MMIO region when transferring USB packets. Crafted content may be written to the controller’s registers, potentially triggering...

8.2CVSS7AI score0.0053EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Qemu

A reentrancy issue related to DMA was discovered in the Tulip device emulation in QEMU. When Tulip reads from or writes to the rx/tx descriptor, or copies a rx/tx frame, it does not check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers...

7.8CVSS6.9AI score0.00411EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.17 views

Astra Linux – Vulnerability in Qemu

A double-free vulnerability was identified in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto. The memreentrancyguard flag does not provide sufficient protection against reentrancy issues related to DMA operations. This vulnerability could allow a malicious privileged guest user ...

8.2CVSS7.7AI score0.00278EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/08 8:14 a.m.75 views

Smart_Contract_Researcher_POC

Smart Contract Security Research Portfolio hailthelord...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.12 views

CVE-2026-48066

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

5.7CVSS5.5AI score0.00116EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 12:56 p.m.23 views

CVE-2026-46029

In the Linux kernel, CVE-2026-46029 describes a race within the slab allocator where kmalloc_nolock() called from NMI on uniprocessor (UP) configurations can re-enter the allocator and acquire n->list_lock that the interrupted context already holds, corrupting slab state and potentially causin...

7CVSS5.8AI score0.00143EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-44090

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

5.7CVSS5.8AI score0.00116EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/05/25 3:49 a.m.112 views

CVE-2026-X4992-Uniswap-PoC

CVE-2026-X4992: Uniswap V3 SwapRouter Reentrancy Vulnerability...

5.9AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, and Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: A double addition of a classifier was corrected in the class, where netem is a child qdisc. As described in Gerrard’s report 1, there are use cases where a netem child qdisc can make the parent qdisc’s enqueue...

7.8CVSS6.2AI score0.00176EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/02 2:18 p.m.144 views

php-8.5.5-var_destroy-uaf

PHP 8.5.5 — vardestroy destruct reentrancy UAF Siste...

6AI score
Exploits0
Hacker One
Hacker One
added 2026/04/18 11:22 p.m.16 views

curl: Use-after-free in `curl_easy_ssls_export()` during callback re-entrancy

Summary: curleasysslsexport iterates the SSL session list and invokes a caller-provided callback for each entry. If that callback calls curleasysslsimport on the same easy handle, the import path can evict and free the current session node while the export loop still holds it. The subsequent...

5.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/02/24 9:15 p.m.7 views

CVE-2026-27195 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future

Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...

6.9CVSS5.3AI score0.00362EPSS
Exploits0References6
OSV
OSV
added 2026/02/24 8:44 p.m.7 views

GHSA-XJHV-V822-PF94 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future

The affected versions of Wasmtime can panic if the host embedder drops the future returned by wasmtime::component::TypedFunc::callasync before it resolves. Details Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of...

6.9CVSS5.4AI score0.00362EPSS
Exploits0References9
Rows per page
Query Builder