Lucene search
K

65 matches found

RedhatCVE
RedhatCVE
added 2026/06/01 4:3 p.m.16 views

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 8:16 p.m.20 views

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS0.00227EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:30 p.m.12 views

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/29 7:30 p.m.4 views

CVE-2026-45151 NanoMQ: NULL Pointer Dereference

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS6AI score0.00227EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/29 7:30 p.m.42 views

CVE-2026-45151 NanoMQ: NULL Pointer Dereference

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS0.00227EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 7:30 p.m.10 views

CVE-2026-45151 NanoMQ: NULL Pointer Dereference

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 7:30 p.m.14 views

EUVD-2026-33429

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 7:30 p.m.45 views

CVE-2026-45151

NanoMQ (0.24.8 and earlier) contains a NULL substream pointer dereference in quic_stream_recv when a substream is reopening. The vulnerable code finishes AIO with an error but does not return before locking c->mtx, indicating a potential NULL dereference and an unlocked/locked state issue in t...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.26 views

PT-2026-44986

Name of the Vulnerable Software and Affected Versions NanoMQ versions prior to 0.24.9 Description NanoMQ is an Edge Messaging Platform. A null pointer dereference can occur in the quic stream recv function when a substream is in a reopen state. The system completes the Asynchronous I/O AIO...

6.3CVSS5.8AI score0.00227EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

NanoMQ 代码问题漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.8 have code vulnerabilities. These vulnerabilities stem from the quicstreamrecv function, which cancels references to empty substream pointers when the substream is reopened,...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Cyclic allocation of msgid to avoid reuse. Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed, resulting in a hung task, as shown below: t1 | t2 | t3...

7.8CVSS6.3AI score0.00282EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27797

In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix use-after-free of drmcrtccommit after release The atmelhlcdcplaneatomicduplicatestate callback was copying the atmelhlcdcplane state structure without properly duplicating the drmplanestate. In particular,...

5.8AI score0.00135EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/02 1:25 a.m.12 views

SUSE CVE-2026-31718

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle survives session disconnect TCP close without SMB2LOGOFF, sessionfdcheck sets fp-conn = NULL to preserve the handle for later reconnection...

7.5CVSS5.7AI score0.00356EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/01 1:56 p.m.36 views

CVE-2026-31718 ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle survives session disconnect TCP close without SMB2LOGOFF, sessionfdcheck sets fp-conn = NULL to preserve the handle for later reconnection...

9.8CVSS0.00356EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/01 1:56 p.m.10 views

CVE-2026-31718

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdclosefd via durable scavenger When a durable file handle survives session disconnect TCP close without SMB2LOGOFF, sessionfdcheck sets fp-conn = NULL to preserve the handle for later reconnection...

9.8CVSS5.7AI score0.00356EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.11 views

PT-2026-36348

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ksmbd module of the Linux kernel. When a durable file handle persists after a session disconnect TCP close without SMB2 LOGOFF, the session fd check...

9.8CVSS5.8AI score0.00817EPSS
Exploits10References374
OSV
OSV
added 2026/04/29 1:21 p.m.8 views

JLSEC-2026-314

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Tcopyreopen in H5T.c, resulting in the corruption of the instruction pointer...

7.4CVSS8.2AI score0.00239EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/03/20 8:1 a.m.4 views

media: dvb-core: fix wrong reinitialization of ringbuffer on reopen

...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/03/18 6:16 p.m.4 views

CVE-2026-23253

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen dvbdvropen calls dvbringbufferinit when a new reader opens the DVR device. dvbringbufferinit calls initwaitqueuehead, which reinitializes the waitqueue list head...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References6
OSV
OSV
added 2026/03/18 5:1 p.m.3 views

CVE-2026-23253 media: dvb-core: fix wrong reinitialization of ringbuffer on reopen

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen dvbdvropen calls dvbringbufferinit when a new reader opens the DVR device. dvbringbufferinit calls initwaitqueuehead, which reinitializes the waitqueue list head...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References11
Rows per page
Query Builder