Lucene search
K

9950 matches found

Oracle linux
Oracle linux
added yesterday4 views

kernel security, bug fix, and enhancement update

4.18.0-553.141.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

7.8CVSS7AI score0.0031EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/07/03 2:36 p.m.7 views

CVE-2026-55223

A flaw was found in c3p0, a JDBC Connection pooling library. This vulnerability allows a remote attacker to potentially execute arbitrary code by crafting a malicious data source object. When an application deserializes this object and automatically resolves its properties, it can trigger...

7.5CVSS6.3AI score0.00284EPSS
Exploits0References5
OSV
OSV
added 2026/07/02 8:17 p.m.3 views

DEBIAN-CVE-2025-71385

Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document into a text element without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An attacker can craft a U...

6.1CVSS5.9AI score0.0024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 7:37 p.m.9 views

CVE-2025-71385

Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document into a text element without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An attacker can craft a U...

6.1CVSS5.7AI score0.0024EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.6 views

CVE-2026-53342

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: call pagetable dtor when freeing hot-removed page tables Since 5e8eb9aeeda3 "arm64: mm: always call PTE/PMD ctor in createpgdmapping" page-table allocation on ARM64 always calls pagetablepte,pmd,pud,p4dctor. This sets...

5.7AI score0.00154EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/29 5:30 p.m.11 views

CVE-2026-12672

REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/29 8:10 a.m.2 views

OPENSUSE-SU-2026:21163-1 Security update for yt-dlp

This update for yt-dlp fixes the following issues: Changes in yt-dlp: - Update to version 2026.06.09 Fixed CVE-2026-50019: File Downloader cookie leak with curl Fixed CVE-2026-50023: Dangerous file type creation via insufficient filename sanitization Fixed CVE-2026-50574: Arbitrary code execution...

9.6CVSS6.2AI score0.00555EPSS
Exploits1References3
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-53319

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...

5.5CVSS0.001EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.8 views

SUSE CVE-2026-53239

In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix use-after-free on inexact bin in xfrmpolicybyselctx Fix the race by pruning the bin while still holding xfrmpolicylock, before dropping it. Use xfrmpolicyinexactprunebin directly since the lock is already held...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

SUSE SLES16: postgresql14 / postgresql14-contrib / postgresql14-devel / etc (SUSE-SU-2026:22177-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22177-1 advisory. This update for postgresql14 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References26
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53239 xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx()

In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix use-after-free on inexact bin in xfrmpolicybyselctx Fix the race by pruning the bin while still holding xfrmpolicylock, before dropping it. Use xfrmpolicyinexactprunebin directly since the lock is already held...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39272

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

5.8AI score0.00128EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52315

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter component where the ebt redirect tg function dereferences the return value of br port get rcu without a NULL check. This can lead to a kernel panic if a...

6.8CVSS5.9AI score0.00127EPSS
Exploits0References12
CVE
CVE
added 2026/06/24 9:8 p.m.20 views

CVE-2026-55762

Rocket.Chat CVE-2026-55762 concerns an unauthenticated mis-authorization on POST /api/v1/fingerprint. Prior to fixed versions, authenticated users could call the endpoint with {"setDeploymentAs": "new-workspace"} to permanently deregister the workspace from Rocket.Chat Cloud, wiping cloud credent...

8.1CVSS5.9AI score0.00323EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.28 views

CVE-2026-52998 netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix potential NULL dereference in ttl check The nfosfttl function accessed skb-dev to perform a local interface address lookup without verifying that the device pointer was valid. Additionally, the...

7.5CVSS0.00508EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-52998 netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix potential NULL dereference in ttl check The nfosfttl function accessed skb-dev to perform a local interface address lookup without verifying that the device pointer was valid. Additionally, the...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References11
OSV
OSV
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52966 drm: Replace old pointer to new idr

In the Linux kernel, the following vulnerability has been resolved: drm: Replace old pointer to new idr Commit 5e28b7b94408 introduced a logical error by failing to replace the newly generated IDR pointer to old id's pointer at the correct location within the "change handle" logic; this resulted ...

5.9AI score0.00186EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fixed the lock inversion between spilock and buflock. The spidev driver previously used two mutexes, spilock and buflock, but their acquisition was done in different orders depending on the code path: - write/read:...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52929

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

7.5CVSS5.6AI score0.00394EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51892

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential NULL dereference exists in the nf osf ttl function within the netfilter nfnetlink osf module. The function accessed skb-dev to perform a local interface address lookup withou...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References10
Rows per page
Query Builder