Lucene search
K

7124 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51720

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the compat mtw from user function within the netfilter ebtables component. The issue occurs because the function fails to properly validate the...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2026/06/23 7:53 p.m.7 views

CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

4.3CVSS5.7AI score0.00276EPSS
Exploits0
NVD
NVD
added 2026/06/23 5:17 p.m.11 views

CVE-2026-55450

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the...

9.3CVSS0.00332EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/23 4:17 p.m.41 views

CVE-2026-55450 Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the...

9.3CVSS0.00332EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 4:17 p.m.40 views

CVE-2026-55450

Langflow prior to 1.9.1 allows unauthenticated uploads via the /upload/{flow_id} endpoint, enabling unlimited data transfer, which can cause server disk-space exhaustion (DoS). The response also leaks the absolute path of the uploaded file, an information leak that could aid further attacks. The ...

9.3CVSS5.9AI score0.00332EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/06/22 10:16 p.m.7 views

CVE-2026-48500

Filament is a collection of full-stack components for accelerated Laravel development. From 3.0.0 until 3.3.52, 4.11.5, and 5.6.5, any schema can contain a file upload form field, so Filament applies Livewire's WithFileUploads trait to the Livewire component the schema is embedded in. However, so...

6.5CVSS0.00207EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 5:47 a.m.5 views

BIT-NGINX-GATEWAY-2026-42530 NGINX Open-Source ngx_http_v3_module vulnerability

NGINX Open Source has a vulnerability in the ngxhttpv3module module. When NGINX Open Source is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker along with conditions beyond their control can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This m...

9.2CVSS6.1AI score0.03225EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:28 a.m.6 views

kernel: RDMA/rxe: Fix double free in rxe_srq_from_init

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...

7.8CVSS5.8AI score0.00175EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/19 2:16 p.m.9 views

EUVD-2016-10902

Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be...

8.5CVSS6.2AI score0.00122EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tee: added a overflow check in registershmhelper When special lengths are provided by the user space, registershmhelper may cause an integer overflow when calculating the number of pages covered by a given user space memory regio...

5.5CVSS6.2AI score0.00223EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Locking external INTx masking operations Masking operations through changes to the config space for DisINTx may cause races with INTx configuration changes via ioctl. Create wrappers that add locking mechanisms for path...

4.4CVSS6.1AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up the TPM space after a command failure The tpmdevtransmit function prepares the TPM space before attempting to transmit a command. However, if the command fails, no rollback of this preparation occurs. This can lead ...

5.5CVSS6.4AI score0.00219EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed an out-of-band issue in ntfslistxattr. The length of a name cannot exceed the space occupied by “ea”...

7.1CVSS6.1AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ‘ext4dareleasespace’ The Syzkaller report describes the issue as follows: EXT4-fs loop0: Details of free/dirty blocks EXT4-fs loop0: freeblocks=0 EXT4-fs loop0: dirtyblocks=0 EXT4-fs loop0: Details of block...

5.5CVSS6.2AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Skipping the “reserved bytes” warning after unmounting after a log cleanup failure. After the recent changes made by commit c2e39305299f01 “btrfs: clearing the extent buffer when writing fails” and its follow-up fix,...

5.5CVSS6.2AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to perform a sanity check on the inlinedots inode. As Wenqing reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215765 This issue causes a kernel panic when performing the following actions: -...

5.5CVSS5.9AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: calling btrfsremovefreespacecachelocked on cache load failure Now that lockdep is kept enabled throughout our CI processes, I noticed the following stack trace in generic/475: ------------ Cut here --- WARNING: CPU: 1 PID:...

5.4AI score0.00181EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm, swap: restore swapspace attribute to avoid kernel panic The commit 8b47299a411a “mm, swap: mark swap address space as read-only and add context debug check” made the swap address space read-only. This could lead to kernel pan...

5.5CVSS5.7AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in vDPA with the VDUSE backend. Currently, there are no checks in the VDUSE kernel driver to ensure that the size of the device configuration space is consistent with the features advertised by the VDUSE user-space application. In the event of a mismatch, the Virtio driver...

6.5CVSS6.6AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where rebuilding the free space tree using multiple transactions might fail. When rebuilding the free space tree, and while modifying the free space tree, we may need to allocate a new metadata block group. ...

5.5CVSS6AI score0.00129EPSS
Exploits0References2
Rows per page
Query Builder