Lucene search
+L

143 matches found

CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the manaib driver failing to disable vPort RX steering when destroying RSS QP. As a resul...

5.8AI score0.00129EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

7.8CVSS6AI score0.00129EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disabl...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: A memory leak in the flow steering list has been fixed in rmmod. The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Removing a module with active entries...

5.5CVSS5.7AI score0.00132EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix tc flower deletion for VLAN priority Rx steering To replicate the issue: 1 Add a tc flower filter for VLAN Priority-based frame steering: $ IFDEVNAME=eth0 $ tc qdisc add dev $IFDEVNAME ingress $ tc qdisc add dev...

5.5CVSS6.2AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ice: Fixed a memory leak in aRFS after reset. The memory leak in aRFS structures was fixed by adding a check to verify whether the aRFS memory has already been allocated during VSI configuration. aRFS objects are allocated in two...

5.5CVSS6.4AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed the cleanup of steering rules The vport’s unicast, multicast, and multicast rules are not deleted during the teardown process when EEH occurs. Since the vport’s promiscuous settings unicast, unicast, and...

5.5CVSS6.4AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: Do not pass flowid to setrpscpu. The responsible commit made the assumption that the RPS table for each receive queue would have the same size, and that it would not change. When computing flowid in setrpscpu, do not...

9.8CVSS5.7AI score0.00481EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix the definer’s HWSSET32 macro for negative offsets When the bit offset of the HWSSET32 macro is negative, UBSAN reports a out-of-bounds shift. UBSAN: out-of-bounds in...

7.8CVSS6.3AI score0.00201EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.8 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021635)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021635 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix steering rules cleanup vport's mc, uc and multicast rules are not deleted in teardo...

5.5CVSS6.3AI score0.00183EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.10 views

Trust Me, Import This: Dependency Steering Attacks Via Malicious Agent Skills

LLM-powered coding agents increasingly make software supply chain decisions. They generate imports, recommend packages, and write installation commands. Prior work showed that these systems can hallucinate non-existent package names, which attackers may register as malicious packages. In this...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/06 11:42 p.m.4 views

GHSA-69XR-M8H6-H664 Angular SSR has Open Redirect and Request Steering via Encoded X-Forwarded-Prefix

Description A vulnerability exists in the X-Forwarded-Prefix header processing logic within Angular SSR. The internal validation mechanism fails to properly account for URL-encoded characters, specifically dots %2e%2e. This allows an attacker to bypass security filters by injecting encoded path...

6.9CVSS5.8AI score0.00203EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/06 9:37 p.m.11 views

CVE-2026-43208

A flaw was found in the Linux kernel's networking component. An incorrect assumption about the size and immutability of the Receive Packet Steering RPS table could lead to an out-of-bounds memory access. This vulnerability, occurring during the computation of flowid in the setrpscpu function, cou...

9.8CVSS5.7AI score0.00481EPSS
Exploits0References4
NVD
NVD
added 2026/04/28 7:37 p.m.4 views

CVE-2026-41393

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

5.9CVSS0.00117EPSS
Exploits0References3
OSV
OSV
added 2026/04/28 6:9 p.m.2 views

CVE-2026-41393 OpenClaw < 2026.3.31 - Arbitrary DNS Authority Acceptance and Credential Exfiltration via Wide-Area Discovery

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator credentials through DNS steering manipulation...

5.9CVSS6AI score0.00117EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.10 views

PT-2026-35777

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description A wide-area discovery issue allows arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint access can exfiltrate operator...

5.9CVSS5.9AI score0.00117EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/04/17 12:0 a.m.22 views

Surgical Repair of Insecure Code Generation in LLMs

Large language models write production code, and yet they routinely introduce well-known vulnerabilities. We show that this is not a knowledge deficit: the same models that generate insecure code, correctly identify and explain the vulnerability when asked directly, this is a gap we call the...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/11 12:0 a.m.9 views

Jailbreaking the Matrix: Nullspace Steering for Controlled Model Subversion

Large language models remain vulnerable to jailbreak attacks -- inputs designed to bypass safety mechanisms and elicit harmful responses -- despite advances in alignment and instruction tuning. We propose Head-Masked Nullspace Steering HMNS, a circuit-level intervention that i identifies attentio...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/14 12:0 a.m.4 views

Experimental Evaluation of Security Attacks on Self-Driving Car Platforms

Deep learning-based perception pipelines in autonomous ground vehicles are vulnerable to both adversarial manipulation and network-layer disruption. We present a systematic, on-hardware experimental evaluation of five attack classes: FGSM, PGD, man-in-the-middle MitM, denial-of-service DoS, and...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.3 views

Security-By-Design for LLM-Based Code Generation: Leveraging Internal Representations for Concept-Driven Steering Mechanisms

Large Language Models LLMs show remarkable capabilities in understanding natural language and generating complex code. However, as practitioners adopt CodeLLMs for increasingly critical development tasks, research reveals that these models frequently generate functionally correct yet insecure cod...

5.9AI score
Exploits0
Rows per page
Query Builder