Lucene search
K

626 matches found

RedHat Linux
RedHat Linux
added 2026/06/17 9:22 a.m.9 views

kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

7.8CVSS5.9AI score0.00155EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/12 7:56 p.m.12 views

kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

7.8CVSS5.9AI score0.00155EPSS
Exploits0References5
NVD
NVD
added 2026/06/11 7:16 p.m.10 views

CVE-2026-47250

mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management. Prior to version 3.7.0, the kubectlgeneric tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, enabling a privilege escalation attack within Kubernetes...

6.1CVSS0.00267EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.11 views

CVE-2026-9748

The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...

7.1CVSS5.5AI score0.00323EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 2:46 p.m.6 views

OPENSUSE-SU-2026:20942-1 Security update for apptainer

This update for apptainer fixes the following issues: Changes in apptainer: - Update apptainer to version v1.5.1 Security fix bsc1267982: Fix for CVE-2026-48785 / GHSA-cr2j-534f-mf3g. Incorrect path matching for limit container paths directive. This is only applicable to SUID installations that...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/06/09 11:17 p.m.7 views

UBUNTU-CVE-2026-9748

The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...

7.1CVSS5.3AI score0.00323EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.13 views

CVE-2026-8669

Imager versions through 1.030 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match...

6.5CVSS5.7AI score0.00321EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 7:16 a.m.14 views

CVE-2026-49194

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4CVSS0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 p.m.12 views

CVE-2026-47674

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the ip-restriction middleware hono/ip-restriction compares incoming IP addresses against configured deny and allow rules using string equality after partial normalization. Non-canonical IPv6...

5.3CVSS5.8AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 6:0 a.m.45 views

CVE-2026-8293 Really Simple Security < 9.5.10.1 - Authentication Bypass via Two-Factor OTP Skip

The Really Simple Security WordPress plugin before 9.5.10.1 does not enforce the second-factor challenge in two of its two-factor authentication REST endpoints, allowing an attacker who knows a user's password to obtain a WordPress authentication session for that user without completing the email...

0.00236EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 6:0 a.m.37 views

CVE-2026-8293

CVE-2026-8293 affects the WordPress plugin Really Simple Security (before 9.5.10.1). The issue: two-factor authentication REST endpoints do not enforce the second-factor challenge, allowing an attacker who knows a user’s password to obtain a WordPress authentication session without completing the...

7.5CVSS5.8AI score0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:29 p.m.11 views

CVE-2026-47674

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the ip-restriction middleware hono/ip-restriction compares incoming IP addresses against configured deny and allow rules using string equality after partial normalization. Non-canonical IPv6...

5.3CVSS5.8AI score0.00244EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/27 12:18 p.m.22 views

CVE-2026-45979

CVE-2026-45979 affects the Linux kernel amdgpu driver. The issue arises in drm/amdgpu: clean up the amdgpu_cs_parser_bos where, under low memory conditions, kmalloc can fail and the mutex may not be unlocked, leading to resource contention. The patch/fix exits cleanly by unlocking the mutex, and ...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-45919

sched/rt: Skip currently executing CPU in rtonextcpu...

5.8AI score0.0013EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.15 views

CVE-2026-46045

md/md-llbitmap: skip reading rdevs that are not insync...

5.8AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Properly handles FDA objects of length zero. A bug has been fixed where an empty FDA fd array object with 0 fds could cause an out-of-bounds error. The previous implementation used skip == 0 to indicate “this is a...

7.8CVSS6AI score0.00112EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Golang-1.15

In Go, encoding/xml in versions prior to 1.15.9 and 1.16.x prior to 1.16.1 can lead to an infinite loop if a custom TokenReader used for xml.NewTokenDecoder returns EOF midway through an element. This issue can occur in the Decode, DecodeElement, or Skip methods...

7.5CVSS7.1AI score0.02543EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Do not compare internal table flags during updates. If a table update does not modify the flags, skip the transaction...

7.8CVSS6.2AI score0.00263EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: A potential overflow issue in sctpifwdtsnskip has been fixed. Currently, when using sctpwalkifwdtsn to traverse ifwdtsnskip, it only checks the position pos against the end of the chunk. However, the data remaining at the...

7.8CVSS5.9AI score0.00155EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/19 7:54 p.m.13 views

Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service

CVE-2026-45799 Maintainer summary Wire's protobuf group-skipping logic did not reject negative lengths before skipping a length-delimited field inside a group. A crafted protobuf payload could cause Wire to throw an unchecked runtime exception during decoding instead of the documented IOException...

5.8AI score0.00055EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder