Lucene search
K

275 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: sit: reload inner IPv6 header after GSO offloads ipip6tunnelxmit caches the inner IPv6 header pointer at function entry and continues using it after...

9.8CVSS6AI score0.00559EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39319

In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offloads ipip6tunnelxmit caches the inner IPv6 header pointer at function entry and continues using it after iptunnelhandleoffloads. For GSO skbs, iptunnelhandleoffloads calls...

5.7AI score0.00559EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53228 ipv6: sit: reload inner IPv6 header after GSO offloads

In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offloads ipip6tunnelxmit caches the inner IPv6 header pointer at function entry and continues using it after iptunnelhandleoffloads. For GSO skbs, iptunnelhandleoffloads calls...

9.8CVSS0.00559EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53228

In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offloads ipip6tunnelxmit caches the inner IPv6 header pointer at function entry and continues using it after iptunnelhandleoffloads. For GSO skbs, iptunnelhandleoffloads calls...

9.8CVSS5.6AI score0.00559EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:39 a.m.36 views

CVE-2026-53228

The CVE-2026-53228 entry documents a vulnerability in the Linux kernel SIT IPv6 tunnel driver. When GSO offloads are used, the code may keep a stale pointer to the inner IPv6 header after skb header unclone and potential headroom reallocation, leading to reads from freed memory. A fix reloads the...

9.8CVSS5.7AI score0.00559EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: Use DEVSTATSINC to avoid data races. syzbot/KCSAN reported that multiple CPUs are updating dev-stats.txerror concurrently. This occurs because sit tunnels use NETIFFLLTX, which means their ndostartxmit function is not...

5.6AI score0.00209EPSS
Exploits0References2
NVD
NVD
added 2026/05/21 6:16 p.m.23 views

CVE-2026-48233

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sitincidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...

7.1CVSS0.00214EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 5:10 p.m.7 views

CVE-2026-48233 Open ISES Tickets < 3.44.2 SQL Injection via ajax/sit_incidents.php offset Parameter

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sitincidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 5:10 p.m.10 views

EUVD-2026-31313

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sitincidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References3
CVE
CVE
added 2026/05/21 5:10 p.m.19 views

CVE-2026-48233

The CVE-2026-48233 issue affects Open ISES Tickets prior to 3.44.2, where the GET offset parameter is concatenated into the LIMIT clause in ajax/sit_incidents.php, enabling SQL injection. This requires authentication and is exploitable via crafted requests over the network, potentially allowing a...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/21 5:10 p.m.40 views

CVE-2026-48233 Open ISES Tickets < 3.44.2 SQL Injection via ajax/sit_incidents.php offset Parameter

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sitincidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, o...

7.1CVSS0.00214EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

tickets SQL注入漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from the offset GET parameters in the ajax/sitincidents.php file being directly concatenated...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.18 views

PT-2026-42511

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit incidents.php where the offset GET parameter is concatenated into the LIMIT clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics to read, modify, ...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the block address in the f2fsdozerorange function. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215894 I have encountered a bug in the F2FS file system in the...

5.5CVSS5.9AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sit: Do not call ipip6devfree from sitinitnet. ipip6devfree is a member function of dev-privdestructor; it has already been called by registernetdevice in case of errors. An alternative approach would be to make ipip6devfree...

5.5CVSS6.1AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to perform a sanity check on totaldatablocks. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215916 The kernel message is as follows: Kernel BUG at fs/f2fs/segment.c:2560! Call...

5.5CVSS6AI score0.00245EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013078)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013078 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmissi...

5.9AI score0.00165EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011394 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmissi...

5.9AI score0.00165EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005711 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sitbitmapsize w/ below testcase, resize will generate a corrupted...

5.5CVSS6.8AI score0.00146EPSS
Exploits0References4
Redos
Redos
added 2026/02/20 12:0 a.m.9 views

ROS-20260220-73-0034

Vulnerability in the buildsitentries function of the Linux operating system kernel with incorrect resource sweep or release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS5.6AI score0.00146EPSS
Exploits0
Rows per page
Query Builder