Lucene search
K

6096 matches found

Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.3 views

CVE-2026-52971

In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...

7.8CVSS5.6AI score0.00133EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52966

In the Linux kernel, the following vulnerability has been resolved: drm: Replace old pointer to new idr Commit 5e28b7b94408 introduced a logical error by failing to replace the newly generated IDR pointer to old id's pointer at the correct location within the "change handle" logic; this resulted ...

5.8AI score0.00186EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52961

In the Linux kernel, the following vulnerability has been resolved: ceph: fix BUGON in cephbuildxattrsblob due to stale blob size The generic/642 test-case can reproduce the kernel crash: 40243.605254 ------------ cut here ------------ 40243.605956 kernel BUG at fs/ceph/xattr.c:918! 40243.607142...

5.7AI score0.00198EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52957

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential null-ptr-deref in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. When decoding this CRUSH map in crushdecode, an array of maxbuckets CRUSH buckets is...

7.5CVSS5.6AI score0.0053EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52958

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmapdecode When decoding osdstate and osdweight from an incoming osdmap in osdmapdecode, both are decoded for each osd, i.e., map-maxosd times. The cephdecodeneed check only accoun...

9.1CVSS5.7AI score0.00544EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52956

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field of this struct is accessed. This happens without any guarantee that t...

7.5CVSS5.8AI score0.00359EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52952

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARNON in iommugroupsetdomainnofail due to reset In iommugroupsetdomaininternal, concurrent domain attachments are rejected when any device in the group is recovering. This is necessary to fence concurrent attachments ...

8.8CVSS5.6AI score0.00131EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52949

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboshrink infinite LRU walk on backup failure Apply the same fix as b2ed01e7ad "drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure" to the ttmboshrink path. Move delbulkmove from before the backup to...

5.7AI score0.00162EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/24 4:26 p.m.3 views

CVE-2026-52945

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5CVSS5.7AI score0.00307EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/22 6:28 a.m.8 views

kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

9.8CVSS5.7AI score0.00351EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/19 2:43 p.m.12 views

CVE-2026-52909

In the Linux kernel, the following vulnerability has been resolved: ip6vti: set netnsimmutable on the fallback device. john1988 and Noam Rathaus reported that vti6initnet does not set the netnsimmutable flag on the per-netns fallback tunnel device ip6vti0. Other similar tunnel drivers like...

7.8CVSS5.7AI score0.0012EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/19 2:43 p.m.5 views

CVE-2026-52910

In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF prog and replaces it with a new one while another thread is sending a U...

7.8CVSS5.6AI score0.00102EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fixed possible deadlocks in the system-wide PM code. It is reported that in low-memory situations, the system-wide resume core code may lead to deadlocks. This occurs because asyncscheduledev executes its argument...

5.5CVSS5.6AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm: slub: Fix the invocation of flushcpuslab and freeslab in the task context. The commit 5a836bf6b09f “mm: slub: Move the invocation of flushcpuslab and freeslab out of the IRQ context” fixes this issue by moving all invocations...

7.8CVSS6AI score0.00242EPSS
Exploits0References2
Circl
Circl
added 2026/06/17 1:56 a.m.6 views

CVE-2026-12447

creationtimestamp| type| source ---|---|--- 2026-06-17 01:56:44+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-google-chrome-56 2026-06-21 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260622 2026-06-21 18:00:00+00:0...

8.8CVSS5.9AI score0.00417EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/16 7:9 p.m.9 views

Deno: Node TCPWrap numeric hostname aliases bypass --deny-net resolved-IP deny checks

Summary Deno's network permission model is designed so that --deny-net rules apply to the resolved IP address of a destination, not just the literal string supplied by the caller. That means --deny-net=127.0.0.1 or --deny-net=127.0.0.0/8 is expected to block any attempt to reach loopback,...

6.5CVSS5.5AI score0.00111EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/16 8:16 a.m.5 views

UBUNTU-CVE-2026-46331

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using tcfpoffmaxhint, but the hint does not account for the runtime header offset...

8.5CVSS5.7AI score0.00259EPSS
Exploits9References3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-50153

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.8.1 Description When the fetch function is called, the runtime validates the destination hostname against --deny-net rules but fails to re-verify the IP addresses that the hostname resolves to. This allows an...

5.2CVSS5.9AI score0.00101EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/15 8:38 p.m.6 views

Use of Incorrectly-Resolved Name or Reference

Overview starlette is a The little ASGI library that shines. Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference in the reconstruction of request.url when the HTTP request path does not begin with /. An attacker can mislead the application into trusti...

8.3CVSS5.3AI score0.00187EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/08 3:50 p.m.11 views

CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

5.4AI score0.00157EPSS
Exploits0
Rows per page
Query Builder