Lucene search
+L

2100 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rcv: move memblockallowresize after linear mapping is ready The initial memblock metadata is accessed from the kernel image mapping. The regions arrays need to be “reallocated” from memblock and accessed through linear mapping to...

5.7AI score0.00195EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: mm,hugetlb: Take the hugetlblock before decrementing h-resvhugepages. The h-hugepages counters are protected by the hugetlblock, but allochugepage has a corner-case scenario where it can decrement the counter outside of the lock...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Marking the splash memory region as reserved. A reserved memory region was added for the framebuffer memory the splash memory region set up by the bootloader. This fix resolves a kernel panic...

5.5CVSS5.6AI score0.00225EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “arm64: zynqmp: Add an OP-TEE node to the device tree” This issue has been resolved through the commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically inserts a reserved-memory node along with the...

5.5CVSS6AI score0.00138EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Add a check for reserved GDT blocks We have identified a NULL pointer issue when resizing a corrupted ext4 image that has recently had the resize inode feature disabled without running e2fsck. This issue can be reproduced b...

5.5CVSS6.1AI score0.00272EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: NVMe: Fixed the failure to reconnect due to reserved tag allocation. We identified an issue in a production environment while using NVMe over RDMA. The reconnection of adminq failed indefinitely, even when the remote target and...

5.5CVSS6.3AI score0.00174EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in p7zip

7-Zip 22.01 does not report an error for certain invalid xz files that involve block flags and reserved bits. Some later versions are unaffected...

3.3CVSS4.7AI score0.00216EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed the kernel stack leak in irdmacreateuserah. struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // Offset 0 – SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // Offset 4 – NEVER SET - LEAK ; The rsvd4 fiel...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: All reserved memblocks on Node0 are set at initialization. After the commit 61167ad5fecdea "mm: pass nid to reservebootmemregion", a panic occurs if DEFERREDSTRUCTPAGEINIT is enabled: 0.000000 CPU 0 Unable to handle...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 “arm: extend pfnvalid to take into account freed memory map alignment” changes the semantics of pfnvalid to check the presence ...

5.5CVSS5.6AI score0.0023EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k – Do not allow overwriting of ENDPOINT0 attributes A malicious USB device can construct a service connection response message with the target endpoint being ENDPOINT0, which is reserved for HTCCTRLRSVDSVC and should n...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References2
mariadbunix
mariadbunix
added 2026/05/18 12:0 a.m.17 views

CVE-2026-44171

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00135EPSS
Exploits0
mariadbunix
mariadbunix
added 2026/05/18 12:0 a.m.11 views

CVE-2026-44170

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00797EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/05/18 12:0 a.m.16 views

PT-2026-41772

Name of the Vulnerable Software and Affected Versions parse-nested-form-data versions prior to 1.0.1 Description The parseFormData function processes bracket and dot-notation FormData field names into nested objects without filtering reserved property keys. An attacker can use a FormData field na...

8.2CVSS5.8AI score0.00315EPSS
Exploits0References6
cvelist
cvelist
added 2026/05/15 7:22 p.m.50 views

CVE-2026-45331 Open WebUI: Full SSRF Vulnerability in the RAG Web Search Feature

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validateurl in backend/openwebui/retrieval/web/utils.py calls validators.ipv6ip, private=True, but the validators library does NOT implement the private keyword for IPv6 — the call...

8.5CVSS0.00286EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/05/15 1:57 p.m.10 views

CVE-2026-45391

A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account...

9.8CVSS6.1AI score0.00889EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/05/15 1:57 p.m.10 views

CVE-2026-45392

DOM-based cross-site scripting XSS in Cribl Stream before 4.17.1 allows a remote attacker to execute arbitrary JavaScript in the browser of an authenticated user who is tricked into visiting a crafted URL and interacting with the page...

9.8CVSS5.9AI score0.00281EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/05/15 1:57 p.m.10 views

CVE-2026-45393

A vulnerability chain in Cribl Edge for Windows before 4.17.1 allows a local authenticated user to escalate privileges to NT AUTHORITY\SYSTEM. Incorrect default permissions on the Windows installer's authentication directory CWE-276 expose a cryptographic secret used for JWT signing and...

9.8CVSS5.8AI score0.00221EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/15 12:0 a.m.14 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 had code vulnerabilities. These vulnerabilities stemmed from the validators.ipv6 function in validateurl, which did not implement the private keyword for IPv6. A...

8.5CVSS5.9AI score0.00286EPSS
Exploits1References1
Rows per page
Query Builder