Lucene search
+L

56 matches found

attackerkb
attackerkb
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52975

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2026/06/24 7:14 a.m.33 views

CVE-2026-52935 xfrm: espintcp: do not reuse an in-progress partial send

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS0.0012EPSS
Exploits0References8
nessus
nessus
added 2026/06/08 12:0 a.m.16 views

SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21845-1)

The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21845-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058:...

9.8CVSS7AI score0.0138EPSS
Exploits19References659
ptsecurity
ptsecurity
added 2026/05/29 12:0 a.m.17 views

PT-2026-44930

Name of the Vulnerable Software and Affected Versions liboqs versions prior to 0.16.0 Description An out-of-bounds read exists in the XMSS and XMSS^MT stateful signature verification code. This occurs when the verification function is called with a signature buffer shorter than the expected size...

5.3CVSS5.7AI score0.00305EPSS
Exploits0References6
osv
osv
added 2026/05/15 5:53 p.m.34 views

GHSA-FGQV-JH4G-PVG2 Budibase: SSRF Bypass via HTTP Redirect in REST Datasource Integration

Summary The REST datasource integration follows HTTP redirects without re-checking the IP blacklist, allowing an authenticated Builder to access internal services cloud metadata, databases by redirecting through an attacker-controlled server. The same vulnerability class was already patched in...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References4
nessus
nessus
added 2026/05/12 12:0 a.m.46 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50262)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50262 advisory. - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344527 CVE-2026-43284 - x86/CPU/AMD: Add a fix for AMD-SB-7052...

8.8CVSS6.9AI score0.96267EPSS
Exploits257References10
osv
osv
added 2026/05/06 11:27 a.m.2 views

CVE-2026-43171 EFI/CPER: don't dump the entire memory region

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't dump the entire memory region The current logic at cperprintfwerr doesn't check if the error record length is big enough to handle offset. On a bad firmware, if the ofset is above the actual record, length -= offs...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References11
osv
osv
added 2026/05/05 8:45 p.m.9 views

SUSE-SU-2026:21526-1 Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before...

7.8CVSS7AI score0.96267EPSS
Exploits230References15
cvelist
cvelist
added 2026/05/01 2:14 p.m.34 views

CVE-2026-31766 drm/amdgpu: validate doorbell_offset in user queue creation

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate doorbelloffset in user queue creation amdgpuuserqgetdoorbellindex passes the user-provided doorbelloffset to amdgpudoorbellindexonbar without bounds checking. An arbitrarily large doorbelloffset can cause the...

7.1CVSS0.00124EPSS
Exploits0References3
suse
suse
added 2026/04/14 5:15 p.m.16 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. CVE-2026-34002: XKB...

7.3CVSS6.1AI score0.00489EPSS
Exploits0References20
ubuntucve
ubuntucve
added 2026/04/09 7:16 p.m.4 views

CVE-2026-34987

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...

9.9CVSS5.8AI score0.00278EPSS
Exploits0References2
suse
suse
added 2026/03/26 12:43 p.m.11 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50453: gpiolib: cdev: fix NULL-pointer dereferences bsc1250887. CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue...

8.5CVSS6.6AI score0.0071EPSS
Exploits0References288
cvelist
cvelist
added 2026/03/25 10:27 a.m.22 views

CVE-2026-23355 ata: libata: cancel pending work after clearing deferred_qc

In the Linux kernel, the following vulnerability has been resolved: ata: libata: cancel pending work after clearing deferredqc Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning non-zero before issuing the deferred qc. atascsischeduledeferredqc is called during...

0.00122EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/03/25 12:32 a.m.4 views

CVE-2026-28832

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory...

5.8AI score0.00196EPSS
Exploits0References4
nessus
nessus
added 2026/03/04 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005755 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument...

5.5CVSS6.5AI score0.00247EPSS
Exploits0References4
redhat
redhat
added 2026/01/26 7:50 a.m.11 views

kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping

A flaw was found in the Linux kernel’s ASoC Intel bytcrrt5640 driver. When an invalid value is passed via the driver’s “quirk” input option, the driver merely logs an error and retains the invalid value, rather than correcting it. This can result in out-of-bounds OOB memory access...

5.8AI score0.00193EPSS
Exploits0References5
nessus
nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37780)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37780 advisory. - In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid...

7.1CVSS6.7AI score0.00174EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/01/21 7:25 p.m.3 views

CVE-2026-23955

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be...

4.2CVSS5.4AI score0.00164EPSS
Exploits1References2Affected Software1
nessus
nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : thunderbird-102.4.0-1.el8.ML.1 (AXSA:2022-3945:15)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3945:15 advisory. Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators CVE-2022-39249 Mozilla: Matrix...

8.8CVSS5.8AI score0.01047EPSS
Exploits0References9
nvd
nvd
added 2025/12/30 1:16 p.m.13 views

CVE-2023-54269

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprtctxt while still in use When an RPC request is deferred, the rqxprtctxt pointer is moved out of the svcrqst into the svcdeferredreq. When the deferred request is revisited, the pointer is copied into the n...

0.00168EPSS
Exploits0References4
Rows per page
Query Builder