Lucene search
K

179 matches found

CVE
CVE
added 2026/05/08 1:31 p.m.26 views

CVE-2026-43324

The CVE-2026-43324 entry covers a Linux kernel USB dummy-hcd synchronization bug. The issue stems from an emulated synchronize_irq() that ran before emulated interrupt-disable, allowing potential callback races when a gadget driver is unbound. The fix moved synchronization to the dummy_udc_async_...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer...

7.8CVSS7.1AI score0.00125EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 10:16 a.m.36 views

CVE-2026-43091

In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...

7.8CVSS0.00128EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/06 7:40 a.m.51 views

CVE-2026-43091 xfrm: Wait for RCU readers during policy netns exit

In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...

7.8CVSS0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/05/06 7:40 a.m.31 views

CVE-2026-43091

The CVE-2026-43091 vulnerability affects the Linux kernel xfrm policy handling during netns exit. The root cause is that xfrm_policy_fini() frees the policy_bydst hash tables after flushing work items and deleting policies, but does not wait for concurrent RCU readers to exit read-side critical s...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/05 11:41 p.m.8 views

CLSA-2026-1777974224 libwebp: Fix of 6 CVEs

CVE-2018-25009: fix out-of-bounds read in GetLE16 by validating VP8X chunk size - CVE-2018-25010: fix heap-based buffer overflow in ApplyFilter by limiting filter radius to image dimensions - CVE-2018-25011: fix heap-based buffer overflow in PutLE16 by rejecting multiple image chunks in ANMF...

9.8CVSS7.5AI score0.02513EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.28 views

CVE-2026-43050 atm: lec: fix use-after-free in sock_def_readable()

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

0.00119EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-31691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling...

5.5CVSS6.2AI score0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/27 5:34 p.m.7 views

EUVD-2026-25888

In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...

5.6AI score0.00112EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35497

In the Linux kernel, the following vulnerability has been resolved: igb: remove napi synchronize in igb down When an AF XDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igb clean rx irq zc repeatedly returns the full budget,...

5.6AI score0.00112EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/24 3:16 p.m.8 views

CVE-2026-31541

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix tracemarker copy link list updates When the "copytracemarker" option is enabled for an instance, anything written into /sys/kernel/tracing/tracemarker is also copied into that instances buffer. When the option is set...

7.8CVSS5.5AI score0.00127EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.12 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013836)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013836 advisory. In the Linux kernel, the following vulnerability has been resolved: igb: Fix igbdown hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet...

7.8CVSS6.3AI score0.00155EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.24 views

CVE-2026-39713 WordPress Mailercloud – Integrate webforms and synchronize website contacts plugin <= 1.0.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailercloud-integrate-webforms-synchronize-contacts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mailercloud – Integrate webforms and...

5.3CVSS0.00195EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39713

Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailercloud-integrate-webforms-synchronize-contacts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mailercloud – Integrate webforms and...

5.3CVSS5.2AI score0.00195EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 8:30 a.m.11 views

CVE-2026-39713

CVE-2026-39713 affects the WordPress plugin Mailercloud – Integrate webforms and synchronize website contacts, vulnerable through an incorrectly configured access control allowing Missing Authorization. Affected versions are n/a through 1.0.7. The issue is described as broken/missing authorizatio...

5.3CVSS5.2AI score0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/05 3:34 a.m.28 views

CVE-2026-5590 net: ip/tcp: Null pointer dereference can be triggered by a race condition

A race condition during TCP connection teardown can cause tcprecv to operate on a connection that has already been released. If tcpconnsearch returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcpbacklogisfull and dereferenced without validatio...

6.4CVSS0.00198EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/04/03 11:27 p.m.7 views

SUSE CVE-2026-23469

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/03 6:31 p.m.4 views

EUVD-2026-18739

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...

5.8AI score0.00089EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.7 views

CVE-2026-23469

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References5
OSV
OSV
added 2026/04/03 4:16 p.m.8 views

UBUNTU-CVE-2026-23469

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References6
Rows per page
Query Builder