Lucene search
K

457 matches found

Vulnrichment
Vulnrichment
added 2026/07/02 4:6 p.m.13 views

CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score0.0033EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.7 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.4AI score0.0013EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/09 2:21 a.m.17 views

SUSE CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

7CVSS5.4AI score0.00138EPSS
Exploits0References10
NVD
NVD
added 2026/06/08 4:16 p.m.11 views

CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

7.8CVSS0.00138EPSS
Exploits0References5
CVE
CVE
added 2026/06/08 2:30 p.m.48 views

CVE-2026-46274

CVE-2026-46274 (Linux kernel, io_wq) has concrete details: a bug in io_wq_remove_pending() allowed a non-hashed predecessor to be treated as hashed, causing a stale pointer in wq->hash_tail[] to persist and be dereferenced by future hashed bucket-0 enqueues. The root cause is that io_get_work_...

7.8CVSS5.4AI score0.00138EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/08 2:30 p.m.47 views

CVE-2026-46274 io-wq: check that the predecessor is hashed in io_wq_remove_pending()

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

7.8CVSS0.00138EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash...

7.8CVSS6AI score0.00138EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47326

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description A flaw exists in the io wq remove pending function where it fails to verify if a predecessor entry is hashed when updating the wq-hash tail array. When a hashed bucket-0 work item is...

9.8CVSS5.2AI score0.00574EPSS
Exploits0References445
Cvelist
Cvelist
added 2026/05/29 4:10 p.m.37 views

CVE-2026-45633 Dokploy: Command Injection in /docker-container-logs Endpoint

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docker-container-logs WebSocket endpoint. The tail and since parameters are not validated and are directly concatenated into shell commands, allowing...

9.9CVSS0.00922EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 4:10 p.m.13 views

CVE-2026-45633

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docker-container-logs WebSocket endpoint. The tail and since parameters are not validated and are directly concatenated into shell commands, allowing...

9.9CVSS6.1AI score0.00922EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.16 views

SUSE CVE-2026-46033

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequen...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/28 2:21 a.m.19 views

kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

7.8CVSS5.8AI score0.0013EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46033

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequen...

7.1CVSS0.00129EPSS
Exploits0References11
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-46033

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequen...

7.1CVSS5.7AI score0.00129EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.7 views

CVE-2026-46033

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequen...

5.7AI score0.00129EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/05/26 7:45 p.m.13 views

JLSEC-2026-559

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

7.5CVSS7.2AI score0.01418EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.13 views

PT-2026-47117

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

5.7AI score
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: erofs: fixed buffer copy overflow in the ztailpacking feature I received the following KASAN reports: 46.959378 ================================================================== 46.960430 BUG: KASAN: use-after-free in...

7.8CVSS6.3AI score0.00249EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: core: The unnecessary framesz check in bpfxdpadjusttail has been removed. Syzkaller reported the following issue: ======================================= “Too big” – xdp-framesz = 131072 WARNING: CPU: 0, PID: 5020, at...

6.4AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail of a data structure may have some unexpected side effects if a program uses a helper function like BPFFUNCskbpulldata to read partial content beyond th...

5.5CVSS5.9AI score0.00196EPSS
Exploits0References2
Rows per page
Query Builder