Lucene search
K

2091 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in p7zip

7-Zip 22.01 does not report an error for certain invalid xz files that involve block flags and reserved bits. Some later versions are unaffected...

3.3CVSS4.7AI score0.00215EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Add a check for reserved GDT blocks We have identified a NULL pointer issue when resizing a corrupted ext4 image that has recently had the resize inode feature disabled without running e2fsck. This issue can be reproduced b...

5.5CVSS6.1AI score0.00272EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: NVMe: Fixed the failure to reconnect due to reserved tag allocation. We identified an issue in a production environment while using NVMe over RDMA. The reconnection of adminq failed indefinitely, even when the remote target and...

5.5CVSS6.3AI score0.00174EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: All reserved memblocks on Node0 are set at initialization. After the commit 61167ad5fecdea "mm: pass nid to reservebootmemregion", a panic occurs if DEFERREDSTRUCTPAGEINIT is enabled: 0.000000 CPU 0 Unable to handle...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm – Requesting a reserved interrupt for the virtual function The device interrupt vector 3 is an error interrupt for physical functions, and it is also a reserved interrupt for virtual functions. However, the...

5.7AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: fixed the reserved memory setup Currently, RISC-V sets up reserved memory using the “early” copy of the device tree. As a result, when trying to access a reserved memory region using ofreservedmemlookup, the pointer to the...

7.1CVSS6.2AI score0.00171EPSS
Exploits0References2
MariaDBUnix
MariaDBUnix
added 2026/05/18 12:0 a.m.12 views

CVE-2026-44171

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00135EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.14 views

PT-2026-41772

Name of the Vulnerable Software and Affected Versions parse-nested-form-data versions prior to 1.0.1 Description The parseFormData function processes bracket and dot-notation FormData field names into nested objects without filtering reserved property keys. An attacker can use a FormData field na...

8.2CVSS5.8AI score0.00315EPSS
Exploits0References6
MariaDBUnix
MariaDBUnix
added 2026/05/18 12:0 a.m.11 views

CVE-2026-44170

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00797EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/15 7:22 p.m.50 views

CVE-2026-45331 Open WebUI: Full SSRF Vulnerability in the RAG Web Search Feature

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validateurl in backend/openwebui/retrieval/web/utils.py calls validators.ipv6ip, private=True, but the validators library does NOT implement the private keyword for IPv6 — the call...

8.5CVSS0.00286EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/15 1:57 p.m.9 views

CVE-2026-45392

DOM-based cross-site scripting XSS in Cribl Stream before 4.17.1 allows a remote attacker to execute arbitrary JavaScript in the browser of an authenticated user who is tricked into visiting a crafted URL and interacting with the page...

9.8CVSS5.9AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/15 1:57 p.m.10 views

CVE-2026-45391

A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account...

9.8CVSS6.1AI score0.00889EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/15 1:57 p.m.9 views

CVE-2026-45393

A vulnerability chain in Cribl Edge for Windows before 4.17.1 allows a local authenticated user to escalate privileges to NT AUTHORITY\SYSTEM. Incorrect default permissions on the Windows installer's authentication directory CWE-276 expose a cryptographic secret used for JWT signing and...

9.8CVSS5.8AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 had code vulnerabilities. These vulnerabilities stemmed from the validators.ipv6 function in validateurl, which did not implement the private keyword for IPv6. A...

8.5CVSS5.9AI score0.00286EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/05/12 3:34 a.m.15 views

SUSE CVE-2025-71300

In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically injects a reserved-memory node along with optee firmware node to...

5.5CVSS5.8AI score0.00138EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/12 3:31 a.m.9 views

EUVD-2026-29355

Reserved. Details will be published at disclosure...

5.8AI score0.00889EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 3:31 a.m.10 views

EUVD-2026-29357

Reserved. Details will be published at disclosure...

5.8AI score0.00281EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 3:31 a.m.11 views

EUVD-2026-29358

Reserved. Details will be published at disclosure...

5.8AI score0.00221EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/12 3:30 a.m.8 views

SUSE CVE-2026-43347

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve full Gunyah metadata region We observe spurious "Synchronous External Abort" exceptions ESR=0x96000010 and kernel crashes on Monaco-based platforms. These faults are caused by the kernel...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 2:16 a.m.18 views

CVE-2026-45391

A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account...

9.8CVSS0.00889EPSS
Exploits0References2
Rows per page
Query Builder