Lucene search
+L

5627 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Free routing table on probe failure If complete is set to true in dsatreesetup, it means that we are the last switch in the tree that is being probed successfully. We should then set up all switches along our probe path...

7.8CVSS6.2AI score0.0016EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: KVM: Do not corrupt the irqfd routing entry when deassigning an irqfd When deassigning a KVMIRQFD, do not corrupt the irqfd’s copy of the IRQ routing entry. Doing so will break the kvmarchirqbypassdelproducer function on x86 a...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed out-of-bound access in fib6addrt2node. syzbot reported an out-of-bound read in fib6addrt2node. 0 When an IPv6 route is created with RTANHID, the struct fib6info does not have the trailing struct fib6nh. The referenced...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 8:16 a.m.10 views

CVE-2026-52925

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.5CVSS0.00114EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.7 views

UBUNTU-CVE-2026-52925

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/24 7:14 a.m.8 views

EUVD-2026-38728

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.8AI score0.00114EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 7:14 a.m.2 views

CVE-2026-52925 vrf: Fix a potential NPD when removing a port from a VRF

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References11
Fedora
Fedora
added 2026/06/24 1:30 a.m.6 views

[SECURITY] Fedora 44 Update: frr-10.6.1-1.fc44

FRRouting is free software that manages TCP/IP based routing protocols. It ta kes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.5CVSS5.7AI score0.00389EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51718

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Null Pointer Dereference NPD can occur when removing a port from a Virtual Routing and Forwarding VRF instance. RCU readers using netif is l3 slave may incorrectly assume that netdev...

6AI score0.00114EPSS
Exploits0References19
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: rpl: Reserve enough headroom for the MAC header when recompressing the SRH. The function ipv6rplsrhrcv decompresses the RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses it, and then...

9.8CVSS6.5AI score0.00475EPSS
Exploits0References3
Arista
Arista
added 2026/06/23 12:0 a.m.11 views

Security Advisory 0142

Security Advisory 0142 PDF Date: June 23, 2026 Revision | Date | Changes ---|---|--- 1.0 | June 23, 2026 | Initial release 1.1 | July 8, 2026 | Updated Resolution and Mitigation sections The CVE-ID tracking this issue: CVE-2026-12546 CVSSv3.1 Base Score: 6.0...

6AI score
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/22 3:58 p.m.34 views

CVE-2026-55602 http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass

http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request...

6.9CVSS0.0034EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:58 p.m.5 views

CVE-2026-55602

http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request...

6.9CVSS5.9AI score0.0034EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/22 3:58 p.m.87 views

CVE-2026-55602

The CVE-2026-55602 issue affects http-proxy-middleware (Node.js) versions 0.16.0 through 2.0.10, 3.0.6, and 4.1.0. The host+path router uses unanchored substring matching on attacker-controlled request metadata, enabling a crafted Host header that is a superstring match for a configured key to ro...

8.6CVSS5.9AI score0.0034EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/06/22 3:58 p.m.5 views

CVE-2026-55602 http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass

http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request...

6.9CVSS6AI score0.0034EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2026/06/22 1:55 p.m.8 views

USN-8459-1: HAProxy vulnerabilities

It was discovered that HAProxy incorrectly handled the FCGI demultiplexer record length field. A remote attacker could possibly use this issue to cause incorrect request routing, response smuggling, or other memory safety issues. CVE-2026-55203 It was discovered that HAProxy failed to validate th...

9.1CVSS5.9AI score0.00431EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/22 1:3 p.m.9 views

CVE-2026-48772

A flaw was found in ProxySQL, a proxy for MySQL and its forks, as well as PostgreSQL. A remote attacker can exploit this vulnerability by sending a specially crafted PROXY protocol version 1 PP1 header with an 'UNKNOWN' protocol token. Despite the specification requiring these address fields to b...

10CVSS5.8AI score0.00185EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 5:29 a.m.17 views

kernel: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows

A flaw was found in the Linux kernel. A local attacker can exploit an out-of-bounds write vulnerability when the kernel recomputes an IPv6 Source Routing Header SRH. This issue occurs because insufficient headroom is reserved during the recompression process, leading to memory corruption...

9.8CVSS6.1AI score0.00475EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:28 a.m.5 views

kernel: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows

A flaw was found in the Linux kernel. A local attacker can exploit an out-of-bounds write vulnerability when the kernel recomputes an IPv6 Source Routing Header SRH. This issue occurs because insufficient headroom is reserved during the recompression process, leading to memory corruption...

9.8CVSS6.1AI score0.00475EPSS
Exploits0References5
Fedora
Fedora
added 2026/06/21 1:11 a.m.9 views

[SECURITY] Fedora 43 Update: alertmanager-0.33.0-1.fc43

The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It a lso takes care of silencing and inhibition of alerts...

5.5CVSS5.8AI score0.00168EPSS
Exploits1
Rows per page
Query Builder