Lucene search
K

2480 matches found

RedHat Linux
RedHat Linux
added yesterday5 views

org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files

A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service...

7.5CVSS6.5AI score0.01941EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2 days ago6 views

Security update for xtrabackup (moderate)

openSUSE Security Update: Security update for xtrabackup Announcement ID: openSUSE-SU-2026:0221-1 Rating: moderate References: 1244285 Cross-References: CVE-2025-5918 CVSS scores: CVE-2025-5918 SUSE: 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE...

2.4CVSS5.8AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 3 days ago10 views

CVE-2026-58052

7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM record named ':Zone.Identifier:$DATA' is not matched...

4.8CVSS0.00119EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-39972

7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM record named ':Zone.Identifier:$DATA' is not matched...

4.8CVSS5.8AI score0.00119EPSS
Exploits0References3
CVE
CVE
added 3 days ago28 views

CVE-2026-58052

Technical details are not publicly available in the provided documents; monitor for updates.

4.8CVSS5.8AI score0.00119EPSS
Exploits0References3Affected Software1
Microsoft CVE
Microsoft CVE
added 4 days ago7 views

ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

...

7.8CVSS5.8AI score0.00138EPSS
Exploits0
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-36601

Nezha Monitoring: Unbounded WebSocket Streams — Resource Exhaustion DoS...

6.5CVSS5.8AI score0.00289EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

0.00309EPSS
Exploits0References4
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-39640

Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced...

7.5CVSS5.7AI score0.00447EPSS
Exploits0References4
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-40211

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memo...

5.3CVSS6.1AI score0.00413EPSS
Exploits0
OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References10
Cvelist
Cvelist
added 6 days ago26 views

CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS0.00138EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39193

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

5.8AI score0.00138EPSS
Exploits0References7
Debian CVE
Debian CVE
added 6 days ago3 views

CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

7.8CVSS5.7AI score0.00138EPSS
Exploits0
CVE
CVE
added 6 days ago11 views

CVE-2026-53242

CVE-2026-53242 affects the Linux kernel ALSA PCM path (snd_pcm_drain) on linked streams. The bug arises from wait queue handling: init_waitqueue_entry does not clear prev/next and add_wait_queue/remove_wait_queue sequencing can leave an orphaned wait entry on an old sleep queue after UNLINK, caus...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added last week15 views

Malicious code in leo-streams (npm)

The leo-streams npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.8AI score
Exploits0References3
RedhatCVE
RedhatCVE
added last week7 views

CVE-2026-52929

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP stream handling. When an attempt to add outgoing streams is denied, the system fails to fully roll back the associated state. This incomplete rollback can leave behind stale stream metadata, which a subsequent stream...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References4
NVD
NVD
added last week8 views

CVE-2026-52929

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

7.5CVSS0.00394EPSS
Exploits0References8
EUVD
EUVD
added last week10 views

EUVD-2026-38699

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

5.7AI score0.00394EPSS
Exploits0References8
CVE
CVE
added last week9 views

CVE-2026-52929

The CVE affects the Linux kernel SCTP stream handling. When ADD_OUT_STREAMS is denied, the rollback only shrinks queued chunks and lowers outcnt, leaving removed stream metadata behind. A subsequent re-add can reuse a stale ext and trigger a null-pointer dereference in the scheduler get path, pot...

7.5CVSS5.7AI score0.00394EPSS
Exploits0References8
Rows per page
Query Builder