Lucene search
K

389 matches found

CVE
CVE
added 2026/03/20 8:8 a.m.28 views

CVE-2026-23275

CVE-2026-23275 (Linux kernel, io_uring): The issue arises when DEFER_TASKRUN | SETUP_TASKRUN are used and task work is added while the ring is resized, allowing an overlap window where IORING_SQ_TASKRUN could be OR’ed on the old/new rings during swapping. The fix adds a 2nd rings pointer, →rings_...

7.8CVSS5.6AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/20 8:8 a.m.4 views

CVE-2026-23275 io_uring: ensure ctx->rings is stable for task work flags manipulation

In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...

7.8CVSS5.7AI score0.00121EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/20 8:8 a.m.21 views

CVE-2026-23275 io_uring: ensure ctx->rings is stable for task work flags manipulation

In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...

7.8CVSS0.00121EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.6 views

PT-2026-26764

Name of the Vulnerable Software and Affected Versions Vikunja versions prior to 2.2.0 Description The software is susceptible to a denial-of-service DoS condition triggered by unbounded image decoding and resizing during preview generation. An attacker can exploit this by providing a highly...

6.5CVSS5.8AI score0.00318EPSS
Exploits1References6
GitLab Advisory Database
GitLab Advisory Database
added 2026/03/20 12:0 a.m.9 views

Vikunja Affected by DoS via Image Preview Generation

Vulnerability: Unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. - Affected code: - Decoding without bounds: taskattachment.go:GetPreview - Resizing path: resizeImage - Endpoint...

6.5CVSS5.8AI score0.00318EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.8 views

OpenStack Nova 安全漏洞

OpenStack Nova is a core computing service component of the OpenStack open-source framework. Versions of OpenStack Nova prior to 30.2.2, 31.2.1, and 32.1.1 have security vulnerabilities. These vulnerabilities stem from the Flat image backend’s failure to apply format restrictions when processing...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/02/17 4:40 p.m.3 views

USN-8049-1: Nova vulnerability

Dan Smith discovered that Nova incorrectly called qemu-img without a format restriction when resizing disks. An attacker could possibly use this issue to destroy data on the host system...

8.2CVSS5.6AI score0.00341EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.4 views

PT-2026-20566

Dan Smith discovered that Nova incorrectly called qemu-img without a format restriction when resizing disks. An attacker could possibly use this issue to destroy data on the host system...

8.2CVSS5.6AI score0.00341EPSS
Exploits0References3
Fedora
Fedora
added 2026/02/08 1:12 a.m.5 views

[SECURITY] Fedora 43 Update: xorgxrdp-0.10.5-1.fc43

xorgxrdp is a set of X11 modules that make Xorg act as a backend for xrdp. Xorg with xorgxrdp is the most advanced xrdp backend with support for screen resizing and multiple monitors...

9.8CVSS5.2AI score0.01318EPSS
Exploits0
Fedora
Fedora
added 2026/02/08 12:53 a.m.6 views

[SECURITY] Fedora 42 Update: xorgxrdp-0.10.5-1.fc42

xorgxrdp is a set of X11 modules that make Xorg act as a backend for xrdp. Xorg with xorgxrdp is the most advanced xrdp backend with support for screen resizing and multiple monitors...

9.8CVSS5.2AI score0.01318EPSS
Exploits0
OSV
OSV
added 2026/02/04 12:14 a.m.4 views

GHSA-HRR4-3WGR-68X3 Navidrome affected by Denial of Service and disk exhaustion via oversized `size` parameter in `/rest/getCoverArt` and `/share/img/<token>` endpoints

Summary Authenticated users can crash the Navidrome server by supplying an excessively large size parameter to /rest/getCoverArt or to a shared-image URL /share/img/. When processing such requests, the server attempts to create an extremely large resized image, causing uncontrolled memory growth...

9.2CVSS5.5AI score0.00455EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.7 views

MiracleLinux 3 : nss_ldap-253-12AXS3 (AXSA:2008-381:03)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2008-381:03 advisory. The nssldap package contains the nssldap and pamldap modules. The nssldap module is a plug-in which allows applications to retrieve information about users an...

4.3CVSS5.6AI score0.01164EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.10 views

MiracleLinux 8 : kernel-4.18.0-553.66.1.el8_10 (AXSA:2025-10755:54)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10755:54 advisory. kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: memstick: rtsxusbms: Fix slab-use-after-free in...

7.8CVSS6.9AI score0.00203EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.7 views

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.14.el7.AXS7 (AXSA:2025-10933:76)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10933:76 advisory. x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel...

7.8CVSS7.2AI score0.01345EPSS
Exploits8References42
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992425 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the...

5.5CVSS6AI score0.00157EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991147)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991147 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the...

5.5CVSS6AI score0.00157EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/10 3:26 a.m.9 views

CVE-2023-53800

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...

7CVSS5.7AI score0.00165EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/12/10 12:36 a.m.4 views

SUSE CVE-2023-53800

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...

6.5AI score0.00165EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-53800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN:...

6.2AI score0.00165EPSS
Exploits0References3
NVD
NVD
added 2025/12/09 1:16 a.m.3 views

CVE-2023-53800

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...

0.00165EPSS
Exploits0References8
Rows per page
Query Builder