Lucene search
K

100 matches found

RedHat Linux
RedHat Linux
added 2026/07/08 4:26 a.m.6 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.8AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 4:21 a.m.4 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.8AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 4:12 a.m.9 views

Important: Red Hat Security Advisory: kpatch-patch-5_14_0-427_100_1, kpatch-patch-5_14_0-427_113_1, kpatch-patch-5_14_0-427_126_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS6AI score0.0049EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/08 4:12 a.m.8 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.6AI score0.0049EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/08 4:8 a.m.11 views

kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache

A flaw was found in the Linux kernel's NFSv4.0 server nfsd. A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflictin...

9.8CVSS6.6AI score0.0049EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

SUSE SLES15: kernel-livepatch-6_4_0-150600_23_95-default / etc (SUSE-SU-2026:2520-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2520-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.95 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.26 views

SUSE SLES12 Security Update : kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2494-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2494-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.7AI score0.0049EPSS
Exploits7References13
OSV
OSV
added 2026/06/25 11:39 a.m.2 views

SUSE-SU-2026:22476-1 Security update for the Linux Kernel (Live Patch 23 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-46.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race bsc126308...

9.8CVSS6AI score0.0049EPSS
Exploits8References12
OSV
OSV
added 2026/06/25 11:19 a.m.3 views

SUSE-SU-2026:22390-1 Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References16
OSV
OSV
added 2026/06/25 11:19 a.m.2 views

SUSE-SU-2026:22388-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

9.8CVSS6.7AI score0.0049EPSS
Exploits8References14
RedhatCVE
RedhatCVE
added 2026/06/24 8:44 p.m.10 views

CVE-2026-41000

A flaw was found in Spring Web Services. The security interceptor in the affected component did not properly integrate replay cache mechanisms. This vulnerability could allow a remote attacker to bypass replay protections for security tokens, such as UsernameToken nonces and SAML one-time-use...

3.7CVSS5.8AI score0.00223EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 9:59 a.m.2 views

SUSE-SU-2026:22491-1 Security update for the Linux Kernel RT (Live Patch 23 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-46.1 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race bsc126308...

9.8CVSS6AI score0.0049EPSS
Exploits8References12
OSV
OSV
added 2026/06/24 9:48 a.m.3 views

SUSE-SU-2026:22472-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/24 9:39 a.m.5 views

SUSE-SU-2026:22397-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
OSV
OSV
added 2026/06/23 11:34 a.m.3 views

SUSE-SU-2026:2549-1 Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

9.8CVSS5.9AI score0.0049EPSS
Exploits7References9
OSV
OSV
added 2026/06/23 7:4 a.m.3 views

SUSE-SU-2026:2518-1 Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

9.8CVSS6.4AI score0.0049EPSS
Exploits7References9
OSV
OSV
added 2026/06/23 5:4 a.m.3 views

SUSE-SU-2026:2511-1 Security update for the Linux Kernel (Live Patch 47 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.187 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP rac...

9.8CVSS6.4AI score0.0049EPSS
Exploits8References11
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51076

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description SAML token replay protection is inoperative because the DefaultTokenReplayCache.TryAdd function does not reject duplicate tokens when DetectReplayedTokens is enabled...

5.9CVSS5.9AI score0.00268EPSS
Exploits0References12
NVD
NVD
added 2026/06/11 7:16 a.m.14 views

CVE-2026-41000

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 5:4 a.m.11 views

CVE-2026-41000 WSS4J validation does not use configured replay cache

Wss4jSecurityInterceptor did not consistently wire Apache WSS4J ReplayCache instances into RequestData for validation-time checks. As a result, protections against replay of UsernameToken nonces and creation timestamps, Timestamp elements, and certain SAML one-time-use semantics could be...

3.7CVSS5.4AI score0.00223EPSS
Exploits0References1
Rows per page
Query Builder