99 matches found

Cvelist
added 2 days ago, 22 views

CVE-2026-42073 OpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoS

OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter...

CVSS 6.5, EPSS 0.0002
Exploits: 1, References: 3
AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fixed a possible null pointer dereference issue. In tegracrtcreset, new memory is allocated using kzalloc, but no checks are performed. Before calling drmatomichelpercrtcreset, the state of the memory allocation should ...

CVSS 5.5, AI score 6.2, EPSS 0.00066
Exploits: 0, References: 2
GithubExploit
added 2026/05/09 1:21 p.m., 113 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag check CVE-2026-43284 / CVE-2026-43500 Read-only...

CVSS 7.8, AI score 6.1, EPSS 0.43539
Exploits: 251
RedHat Linux
added 2026/05/06 6:51 p.m., 1 view

kernel: ALSA: aloop: Fix racy access at PCM trigger

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...

CVSS 7.8, AI score 5.8, EPSS 0.00017
Exploits: 0, References: 5
NVD
added 2026/05/06 12:16 p.m., 0 views

CVE-2026-43219

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Fix potential unregister of netdev that has not been registered yet If an error occurs during registernetdev for the first MAC in cpswregisterports, even though cpsw-slaves0.ndev is set to NULL, cpsw-slaves1.ndev...

CVSS 5.5, EPSS 0.00013
Exploits: 0, References: 3
OSV
added 2026/05/05 7:27 p.m., 1 view

GHSA-FR8X-3VFX-F45H gix and gitoxide: unvalidated submodule name traverses out of .git/modules and redirects state() / open() to another repository

Summary attachments: pocs.zip Submodule names coming from .gitmodules are exposed as unvalidated names and are later reused to derive the submodule git directory as: /modules/ Because the submodule name is joined directly as a filesystem path component, a name such as ../../../escaped-target.git...

CVSS 8.7, AI score 5.9
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux - vulnerability in linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is not held for the entire duration, and some data structures may be freed during this process. Instead of checking netifrunning,...

CVSS 5.5, AI score 6.2, EPSS 0.0005
Exploits: 0, References: 1
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 5.6, EPSS 0.00021
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fixed an issue where a variable was referenced before it was dereferenced. The ‘state’ parameter cannot be NULL; we should check crtcstate. Fixed the warning: drivers/gpu/drm/rockchip/rockchipdrmvop.c:1096...

CVSS 5.5, AI score 6.2, EPSS 0.00023
Exploits: 0, References: 2
Tenable Nessus
added 2026/04/21 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013336 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevfsendmbxmsg Currently, the hns3remove function firstly...

CVSS 7.8, AI score 5.7, EPSS 0.00016
Exploits: 0, References: 4
OSV
added 2026/03/18 1:32 p.m., 1 view

SUSE-SU-2026:0928-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255163. - CVE-2023-53827: Bluetooth: L2CAP: Fix use-after-free in...

CVSS 7.8, AI score 6.7, EPSS 0.00067
Exploits: 0, References: 28
RedHat Linux
added 2026/02/25 3:20 p.m., 2 views

kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state

A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intelatomicgetnewcrtcstate function can return NULL if the CRTC state was not previously obtained via intelatomicgetcrtcstate, but the return value was not checked before use. This leads ...

AI score 5.7, EPSS 0.00024
Exploits: 0, References: 5
Snyk
added 2026/01/26 9:34 p.m., 2 views

Cross-site Request Forgery (CSRF)

Overview: sigstore is a tool for signing Python package distributions. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the OIDC authentication process, which fails to check the state parameter. An attacker in a MitM position can cause a user to sign data...

CVSS 5, AI score 5.9, EPSS 0.00007
Exploits: 0, References: 2
Rosalinux
added 2026/01/26 8:27 a.m., 4 views

Advisory ROSA-SA-2026-3113

software: squid 5.9 WASP: ROSA-CHROME unaffected versions = squid-5.9-3 affected versions squid-5.9-3 CVE-ID: CVE-2023-49285 BDU-ID: 2023-08581 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to an operation exceeding buffer boundaries in memory. Exploitation of the...

CVSS 8.6, AI score 6, EPSS 0.09621
Exploits: 0
Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-8199

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ALSA aloop driver’s PCM trigger callback. The callback attempts to check the PCM state and stop the stream of a tied substream without proper locking,...

CVSS 7.8, AI score 6.7, EPSS 0.00017
Exploits: 0
SUSE CVE
added 2025/12/31 12:29 a.m., 1 view

SUSE CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

CVSS 5.8, AI score 6.4, EPSS 0.00021
Exploits: 0, References: 3
UbuntuCve
added 2025/12/30 1:16 p.m., 1 view

CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 5.7, EPSS 0.00021
Exploits: 0, References: 6
OSV
added 2025/12/30 1:16 p.m., 2 views

UBUNTU-CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 5.7, EPSS 0.00021
Exploits: 0, References: 7
Debian CVE
added 2025/12/30 12:8 p.m., 2 views

CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 5.2, EPSS 0.00021
Exploits: 0
OSV
added 2025/12/30 12:8 p.m., 1 view

CVE-2023-54176 mptcp: stricter state check in mptcp_worker

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 6.3, EPSS 0.00021
Exploits: 0, References: 7