Lucene search
+L

1388 matches found

mscve
mscve
added 2026/06/27 8:4 a.m.8 views

xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx()

...

7.8CVSS5.8AI score0.00135EPSS
Exploits0
nvd
nvd
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53162

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS0.00136EPSS
Exploits0References3
osv
osv
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53162

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References6
debiancve
debiancve
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53239

In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix use-after-free on inexact bin in xfrmpolicybyselctx Fix the race by pruning the bin while still holding xfrmpolicylock, before dropping it. Use xfrmpolicyinexactprunebin directly since the lock is already held...

7.8CVSS5.6AI score0.00135EPSS
Exploits0
osv
osv
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53162 memcg: use round-robin victim selection in refill_stock

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

7.8CVSS5.8AI score0.00136EPSS
Exploits0References6
euvd
euvd
added 2026/06/25 8:38 a.m.6 views

EUVD-2026-39253

In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...

5.8AI score0.00136EPSS
Exploits0References3
osv
osv
added 2026/06/22 12:26 p.m.3 views

OPENSUSE-SU-2026:21005-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group bsc1259652. - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based...

9.1CVSS7.1AI score0.02719EPSS
Exploits0References30
mageia
mageia
added 2026/06/18 9:28 p.m.13 views

Updated ruby-rack packages fix security vulnerabilities

CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. Forwarded header semicolon injection enables Host and Scheme spoofing. CVE-2026-34230 Quadratic complexity in Rack::Utils.selectbestencoding via wildcard Accept-Encoding header. CVE-2026-34763 Root...

7.5CVSS5AI score0.00475EPSS
Exploits2References13
osv
osv
added 2026/06/07 12:2 a.m.9 views

OSV-2026-868 Use-of-uninitialized-value in vp8_regular_quantize_b_sse4_1

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520318421 Crash type: Use-of-uninitialized-value Crash state: vp8regularquantizebsse41 macroblockyrd vp8rdpickintramode...

5.4AI score
Exploits0References1
packetstormnews
packetstormnews
added 2026/06/07 12:0 a.m.25 views

NCMD: Benign-Anchored Feature Selection for Imbalanced Network Intrusion Detection

Feature selection is critical for network intrusion detection systems NIDS operating under high-dimensional, highly imbalanced traffic, as found in operational and defense networks. Traditional filter methods rank features using global statistics computed symmetrically across classes and thus fai...

5.5AI score
Exploits0
nessus
nessus
added 2026/06/06 12:0 a.m.13 views

FreeBSD : PowerDNS -- Multiple vulnerabilities (0823ac26-6040-11f1-ba4a-50ebf6bdf8e9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0823ac26-6040-11f1-ba4a-50ebf6bdf8e9 advisory. PowerDNS Team reports: 2025-07: Internal logic flaw in cache management can lead to a denial o...

8.6CVSS5.7AI score0.00365EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/06/05 7:42 p.m.11 views

CVE-2026-8123

A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogssbidiscoveryoptionaddsnssais in the library /lib/sbi/message.c of the component NSSF. This manipulation causes denial of service. It is possible to initiate the attack remotely. The exploit has been publicly...

6.5CVSS5.1AI score0.00372EPSS
Exploits1References1
nvd
nvd
added 2026/06/04 3:16 p.m.16 views

CVE-2026-10864

A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returned by the New Users and New Organisations widgets. In some cases, requesting a field set that became empty after validation or redaction could cause th...

5.3CVSS0.00176EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/04 1:54 p.m.7 views

CVE-2026-10864

A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returned by the New Users and New Organisations widgets. In some cases, requesting a field set that became empty after validation or redaction could cause th...

5.3CVSS5.8AI score0.00176EPSS
Exploits0References2
packetstormnews
packetstormnews
added 2026/05/31 12:0 a.m.21 views

Needles at Scale: LLM-Assisted Target Selection for Windows Vulnerability Research

The attack surface of a modern operating system is a haystack: thousands of signed binaries and millions of functions, almost none relevant to any given vulnerability. A human analyst or an LLM agent must pick the function worth reading before analyzing it. At whole-OS scope, this target selectio...

5.8AI score
Exploits0
osv
osv
added 2026/05/28 10:16 a.m.8 views

UBUNTU-CVE-2026-46166

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211dfscaccancel can cause the iterated chanctx to be freed and removed from the list. Guard against this to avoid a slab-use-after-free error...

8.8CVSS5.7AI score0.00203EPSS
Exploits0References7
cvelist
cvelist
added 2026/05/27 7:49 a.m.32 views

CVE-2026-40819 Unauthenticated SQLi in sync_data24 task

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the syncdata24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

8.7CVSS0.0032EPSS
Exploits0References1
packetstormnews
packetstormnews
added 2026/05/24 12:0 a.m.11 views

MemMorph: Tool Hijacking in LLM Agents Via Memory Poisoning

LLM-driven agents are capable of selecting external tools to complete users' tasks. However, attackers could compromise such process, steering agents toward inappropriate/wrong tools and enabling malicious actions. Most existing attacks primarily manipulate the tool metadata, which is easily...

5.7AI score
Exploits0
ptsecurity
ptsecurity
added 2026/05/21 12:0 a.m.18 views

PT-2026-42473

Name of the Vulnerable Software and Affected Versions gdk-pixbuf-loader-libheif versions prior to 1.22.2-1.1 Description An integer underflow leads to an out-of-bounds OOB memory access. This issue was discovered using AI-assisted fuzzing, a technique that uses artificial intelligence to...

7.1CVSS5.8AI score0.00343EPSS
Exploits0References62
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: A NULL pointer dereferencing occurred in imgusubdevsetselection. Calling v4l2subdevgettrycrop and v4l2subdevgettrycompose with a subdev state of NULL leads to a NULL pointer dereferencing. This issue can occur in...

5.8AI score0.00206EPSS
Exploits0References1
Rows per page
Query Builder