Lucene search
K

649 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: hns3 – Fixed the double-free issue with the tx spare buffer. In the function hns3setringparam, a temporary copy of the ring structure tmprings is created for rollback purposes. However, the txspare pointer in the original ri...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/09 10:46 a.m.72 views

Exploit for Use After Free in Linux Linux_Kernel

🐧 CVE-2026-23111 - Linux Kernel nftables Use-After-Free Vulne...

7.8CVSS5.6AI score0.00344EPSS
Exploits7
EUVD
EUVD
added 2026/05/29 4:40 p.m.10 views

EUVD-2026-33361

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.19.0 and earlier, the protectedProcedure middleware only verifies the user is authenticated - it does NOT enforce organization scoping. Each endpoint must individually verify the resource's org matches the session's...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 4:40 p.m.25 views

CVE-2026-43917

CVE-2026-43917 (Dokploy) describes an IDOR due to a missing organization scoping check in the protectedProcedure middleware prior to 0.19.0. The middleware only validates authentication, not that the resource’s organization matches the session’s activeOrganizationId, enabling cross-organization a...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.13 views

PT-2026-44929

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.19.0 and earlier, the protectedProcedure middleware only verifies the user is authenticated - it does NOT enforce organization scoping. Each endpoint must individually verify the resource's org matches the session's...

5.3CVSS5.8AI score0.00225EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.15 views

SUSE CVE-2026-45891

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 3:33 p.m.14 views

EUVD-2026-32357

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

5.9AI score0.00129EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-45891

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

7.8CVSS0.00129EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.5 views

UBUNTU-CVE-2026-45891

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References9
OSV
OSV
added 2026/05/27 2:17 p.m.6 views

UBUNTU-CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.40 views

CVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/27 12:56 p.m.13 views

EUVD-2026-32421

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.8AI score0.00123EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.38 views

CVE-2026-45891 net: hns3: fix double free issue for tx spare buffer

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

0.00129EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43758

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue exists in the hns3 network driver. In the hns3 set ringparam function, a temporary copy tmp rings of the ring structure is created for rollback purposes, but the tx...

7.8CVSS5.6AI score0.00129EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/22 2:20 a.m.12 views

SUSE CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

7.8CVSS5.8AI score0.00125EPSS
Exploits2References24
GithubExploit
GithubExploit
added 2026/05/21 7:16 p.m.123 views

Exploit for Link Following in Microsoft

🛡️ CVE-2026-41091 - RedSun Microsoft Defender Elevation...

7.8CVSS6.9AI score0.08371EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2026/05/21 3:29 p.m.13 views

CVE-2026-43499

A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...

7.8CVSS5.8AI score0.00125EPSS
Exploits2References4
UbuntuCve
UbuntuCve
added 2026/05/21 1:16 p.m.11 views

CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

7.8CVSS5.8AI score0.00125EPSS
Exploits2References7
CVE
CVE
added 2026/05/21 12:17 p.m.400 views

CVE-2026-43499

The CVE-2026-43499 issue concerns the Linux kernel rtmutex path where remove_waiter() operated on current during dequeue in rt_mutex_start_proxy_lock() via futex_requeue(). This caused: (1) rbtree dequeue without waiter::task::pi_lock, (2) waiter task pi_blocked_on not cleared (dangling pointer, ...

7.8CVSS5.8AI score0.00125EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder