911 matches found

EUVD
added 6 days ago | 13 views

EUVD-2026-31654

Cargo can be coerced to share credentials between registries...

CVSS 6.5 | AI score 7.1 | EPSS 0.00328
Exploits: 0 | References: 5

RedhatCVE
added 2026/06/25 6:18 p.m. | 7 views

CVE-2026-53027

A flaw was found in the Linux kernel's fs/ntfs3 component. When handling compressed or sparse attributes with frame-aligned clusters, a missing run load for vcn0 can occur if vcn0 resides in a different attribute segment. This oversight can lead to a kernel warning WARN_ON(1) during a run lookup,...

AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 4

RedHat Linux
added 2026/06/25 11:0 a.m. | 4 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

CVSS 4.3 | AI score 7.1 | EPSS 0.00419
Exploits: 0 | References: 8

RedHat Linux
added 2026/06/25 9:3 a.m. | 10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.92 packages and security update

Red Hat OpenShift Container Platform release 4.12.92 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

CVSS 10 | AI score 6.9 | EPSS 0.01945
Exploits: 3 | References: 6

RedHat Linux
added 2026/06/25 9:3 a.m. | 4 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

CVSS 4.3 | AI score 7.1 | EPSS 0.00419
Exploits: 0 | References: 8

RedhatCVE
added 2026/06/24 8:45 p.m. | 6 views

CVE-2026-52944

A flaw was found in the Linux kernel's ksmbd component. This vulnerability allows a client to bypass intended permission restrictions by using the FSCTL_SET_SPARSE operation. Specifically, a client on a read-only share can modify a file's sparse attribute, and clients on writable shares can modify...

AI score 5.8 | EPSS 0.00165
Exploits: 0 | References: 4

CVE
added 2026/06/24 4:29 p.m. | 7 views

CVE-2026-53027

The CVE concerns the Linux kernel ntfs3 code path in attr_data_get_block_locked, where a compressed or sparse attribute with frame-aligned clusters can cause vcn to be misaligned (vcn != vcn0). If vcn0 resides in a different attribute segment than vcn, the in-memory run list may not have loaded t...

AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 2

AstraLinux
added 2026/06/24 3:11 p.m. | 4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: libceph: The state of sparse-read was reset in osd_fault. When a fault occurs, the connection is abandoned, re-established, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a...

CVSS 7.5 | AI score 5.7 | EPSS 0.0028
Exploits: 0 | References: 2

AstraLinux
added 2026/06/24 3:11 p.m. | 5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Ceph: fixed a crash in process_v2_sparse_read for encrypted directories. A crash in process_v2_sparse_read for fscrypt-encrypted directories has been reported. This issue occurs in the Ceph msgr2 protocol in secure mode. It can be...

AI score 5.9 | EPSS 0.00176
Exploits: 0 | References: 2

Debian CVE
added 2026/06/24 9:59 a.m. | 7 views

CVE-2026-52944

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE FSCTL_SET_SPARSE in fsctl_set_sparse modifies the file's sparse attribute and saves it through xattr without any permission checks. This exposes two...

AI score 5.7 | EPSS 0.00165
Exploits: 0

EUVD
added 2026/06/24 9:59 a.m. | 8 views

EUVD-2026-38734

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE FSCTL_SET_SPARSE in fsctl_set_sparse modifies the file's sparse attribute and saves it through xattr without any permission checks. This exposes two...

AI score 5.8 | EPSS 0.00165
Exploits: 0 | References: 4

CVE
added 2026/06/24 9:59 a.m. | 16 views

CVE-2026-52944

The CVE-2026-52944 entry concerns ksmbd in the Linux kernel where FSCTL_SET_SPARSE can bypass permissions, allowing a client on a read-only share to modify the sparse attribute, and potentially allowing clients on writable shares to change it without FILE_WRITE_DATA or FILE_WRITE_ATTRIBUTES right...

AI score 5.8 | EPSS 0.00165
Exploits: 0 | References: 4

Tenable Nessus
added 2026/06/24 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52944

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE FSCTL_SET_SPARSE in fsctl_set_sparse modifies the file's sparse attribute and sav...

AI score 5.8 | EPSS 0.00165
Exploits: 0 | References: 3

RedHat Linux
added 2026/06/22 6:44 a.m. | 6 views

kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state

A flaw was found in the Linux kernel's libceph OSD client. When a connection fault occurs during a sparse read, the sparse-read state is not properly reset. This allows a misbehaving or compromised Ceph OSD server, or a network adversary, to disrupt traffic. As a result, the client can misinterpr...

CVSS 7.5 | AI score 5.8 | EPSS 0.0028
Exploits: 0 | References: 5

RedHat Linux
added 2026/06/22 5:29 a.m. | 11 views

kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state

A flaw was found in the Linux kernel's libceph OSD client. When a connection fault occurs during a sparse read, the sparse-read state is not properly reset. This allows a misbehaving or compromised Ceph OSD server, or a network adversary, to disrupt traffic. As a result, the client can misinterpr...

CVSS 7.5 | AI score 5.8 | EPSS 0.0028
Exploits: 0 | References: 5

NVD
added 2026/06/20 7:16 p.m. | 21 views

CVE-2026-56340

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

CVSS 8.8 | EPSS 0.00352
Exploits: 0 | References: 5

Vulnrichment
added 2026/06/20 6:27 p.m. | 6 views

CVE-2026-56340 vLLM - Denial of Service via Unvalidated Multimodal Embeddings

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

CVSS 8.8 | AI score 5.9 | EPSS 0.00352
Exploits: 0 | References: 2

Cvelist
added 2026/06/20 6:27 p.m. | 18 views

CVE-2026-56340 vLLM - Denial of Service via Unvalidated Multimodal Embeddings

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

CVSS 8.8 | EPSS 0.00352
Exploits: 0 | References: 2

CVE
added 2026/06/20 6:27 p.m. | 24 views

CVE-2026-56340

vLLM versions >= 0.10.2 and

CVSS 8.8 | AI score 5.9 | EPSS 0.00352
Exploits: 0 | References: 5 | Affected Software: 1

NVD
added 2026/06/20 5:16 p.m. | 29 views

CVE-2026-5366

Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the GitRepository storage class. The commit_sha parameter, which is passed to git commands, lacks validation and does not include a -- separator to distinguish user input from git...

CVSS 9.9 | EPSS 0.00566
Exploits: 3 | References: 1