Lucene search
K

1127 matches found

Debian CVE
Debian CVE
added 2026/06/29 7:38 p.m.6 views

CVE-2026-56018

JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup frees only the NodeSet structures and never the per-token contents buffers allocated in JsSetNodeContents; JsDiscardNode unlinks nodes withou...

7.5CVSS5.9AI score0.00609EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Timers: A race condition involving NULL function pointers was fixed in timershutdownsync. There is a race condition between timershutdownsync and timerexpiration, which can lead to a WARNON being triggered in expiretimers. The...

4.7CVSS6AI score0.00117EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/16 9:6 a.m.12 views

Important: Red Hat Security Advisory: General availability of the satellite/iop-host-inventory-rhel9 container image

A new satellite/iop-host-inventory-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services,...

8.2CVSS6.6AI score0.01438EPSS
Exploits4References9
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.12 views

CVE-2026-5834

A vulnerability was detected in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/adminrunning.php. Performing a manipulation of the argument productname results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now publi...

4.8CVSS3.9AI score0.00206EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 2:45 p.m.37 views

CVE-2026-45287

OpenTelemetry-Go (Go implementation) prior to version 0.0.17 leaks one file descriptor per successful ParseFile call when parsing go.opentelemetry.io/otel/schema/v1.0 and v1.1. In long-running processes, repeated schema parsing without proper file closure can exhaust the process file descriptor l...

5.5CVSS5.8AI score0.00168EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46233

Name of the Vulnerable Software and Affected Versions API Platform Core versions 2.6.0 through 4.1.28 API Platform Core versions 4.2.0 through 4.2.25 API Platform Core versions 4.3.0 through 4.3.11 Description A missing isCacheKeySafe gate in the JSON:API and HAL item normalizers leads to a...

5.9CVSS5.6AI score0.00197EPSS
Exploits0References10
OSV
OSV
added 2026/05/28 5:19 p.m.11 views

GHSA-995V-FVRW-C78M opentelemetry-go's Schema ParseFile leaks file descriptors on each parse

Summary go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it; repeated parsing in a long-running process can exhaust the process file...

2.1CVSS5.9AI score0.00168EPSS
Exploits1References5
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-45968

In the Linux kernel, the following vulnerability has been resolved: cpuidle: Skip governor when only one idle state is available On certain platforms PowerNV systems without a power-mgt DT node, cpuidle may register only a single idle state. In cases where that single state is a polling state sta...

5.5CVSS0.0013EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-45917

In the Linux kernel, the following vulnerability has been resolved: ipvs: do not keep destdst if dev is going down There is race between the netdev notifier ipvsdstevent and the code that caches dst with dev that is going down. As the FIB can be notified for the closed device after our handler...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References11
OSV
OSV
added 2026/05/27 12:17 p.m.2 views

CVE-2026-45917 ipvs: do not keep dest_dst if dev is going down

In the Linux kernel, the following vulnerability has been resolved: ipvs: do not keep destdst if dev is going down There is race between the netdev notifier ipvsdstevent and the code that caches dst with dev that is going down. As the FIB can be notified for the closed device after our handler...

5.5CVSS6AI score0.00122EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.23 views

PT-2026-43784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the netdev notifier ip vs dst event and the code responsible for caching the destination dst when a device is going down. Because the Forwarding Informati...

5.5CVSS5.5AI score0.00122EPSS
Exploits0
Metasploit
Metasploit
added 2026/05/21 7:1 p.m.326 views

Ollama Scanner

This module identifies ollama instances and enumerates the LLM models which have been loaded and are running. Module Options msf use auxiliary/scanner/http/ollamainfo msf auxiliaryollamainfo show actions ...actions... msf auxiliaryollamainfo set ACTION msf auxiliaryollamainfo show options ...show...

5.9AI score
Exploits0
OSV
OSV
added 2026/05/20 6:14 p.m.7 views

MAL-2026-4193 Malicious code in private-next-pages (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00c6505c70734328f859fa758ad45ba680403a4cfeedd60d2f9e035b026bd45c package.json declares a postinstall script that uses Node's childprocess to execute reconnaissance commands including whoami and beacon results out v...

5.9AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: pm8001: Fixed the runningreq for internal abort commands Disabling the remote PHY for a SATA disk causes a hang: bash root@none$ more /sys/class/sasPhy/phy-0:0:8/targetPortProtocols sata root@none$ echo 0...

5.6AI score0.00203EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A use-after-free flaw was identified due to a race between the superblock operations in the gadgetfs Linux driver. This flaw could be triggered by removing a device that is running the gadgetfs side...

6.4CVSS6.6AI score0.00484EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: OpenVSwitch: fixed the issue where locking occurred when trying to unregister a netdev with a carrier. The commit in the “fixes” tag attempted to fix this issue through the following sequence of calls: dooutput → ovsvportsend →...

5.5CVSS6.3AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: w1: fixed the warning that appeared after calling w1process. I received the following warning message while removing the driver ds2482: ------------ cut here ------------ Do not call blocking operations when the !TASKRUNNING;...

5.5CVSS6.3AI score0.00178EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: posix-timers: A situation where livelock occurs in itimerdelete has been addressed. Itimerdelete includes a retry loop when the timer expires simultaneously. On non-RT kernels, this simply involves waiting until the timer callbac...

5.9AI score0.00167EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300: fix warning – do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with a mutex and requires TASKRUNNING to function properly. Ensure that we mark the current context as TASKRUNNING for sleepable...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: In devcom, fix the error flow in mlx5devcomregisterdevice. In the event of a failure in devcom allocation, mlx5 always releases the private memory. However, this private memory might have been allocated by a different...

5.9AI score0.00173EPSS
Exploits0References1
Rows per page
Query Builder