Lucene search
+L

5890 matches found

RedhatCVE
RedhatCVE
added 2026/05/28 4:42 a.m.12 views

CVE-2026-9801

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

4.9CVSS5.8AI score0.00476EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.11 views

SUSE CVE-2026-46055

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

5.5CVSS5.9AI score0.0015EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.17 views

PT-2026-44426

Name of the Vulnerable Software and Affected Versions Casdoor versions prior to 2.362.1 Description Casdoor fails to verify if a JSON Web Token JWT used for token exchange remains active. The GetTokenExchangeToken function in object/token oauth.go validates the JWT signature and parses its claims...

9.8CVSS5.7AI score0.00405EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.19 views

PT-2026-44194

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw allows a remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker who has compromis...

4.9CVSS5.8AI score0.00476EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/05/27 9:42 p.m.21 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/27 9:13 p.m.20 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 3:49 p.m.62 views

CVE-2026-44319 free5GC: NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNotifier.FlushNotifications, the notifier calls NnefPFDmanagementNotify... and on any delivery error...

7.5CVSS0.00404EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/27 3:49 p.m.9 views

CVE-2026-44319 free5GC: NEF crashes via logger.Fatal on PFD notification delivery failure (attacker-controlled notifyUri)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNotifier.FlushNotifications, the notifier calls NnefPFDmanagementNotify... and on any delivery error...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References4
NVD
NVD
added 2026/05/27 3:16 p.m.21 views

CVE-2026-44902

opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint default 0.0.0.0:9464 has no error handling around URL parsing, so a request with an invalid...

7.5CVSS0.00455EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46055

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

7.1CVSS0.0015EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-46025

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

4.7CVSS0.00088EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-46055

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

7.1CVSS5.8AI score0.0015EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 12:57 p.m.17 views

EUVD-2026-32437

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

5.9AI score0.0015EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:57 p.m.31 views

CVE-2026-46055

CVE-2026-46055 affects the Linux kernel AppArmor LSM. The issue is a missing string terminator in aa_dfa_match, causing a slab-out-of-bounds read/write during path mounting on ARM64 Ubuntu 26.04 with Linux 7.0-rc4 (Snapdragon X1). Reported impact includes potential DoS or information disclosure. ...

7.1CVSS5.9AI score0.0015EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:57 p.m.51 views

CVE-2026-46055 apparmor: Fix string overrun due to missing termination

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

7.1CVSS0.0015EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/27 12:57 p.m.18 views

CVE-2026-46055

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

7.1CVSS5.8AI score0.0015EPSS
Exploits0
OSV
OSV
added 2026/05/27 12:57 p.m.4 views

CVE-2026-46055 apparmor: Fix string overrun due to missing termination

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

7.1CVSS6.6AI score0.0015EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/27 12:56 p.m.21 views

EUVD-2026-32406

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

5.7AI score0.00088EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.48 views

CVE-2026-46025 mm/damon/core: fix damon_call() vs kdamond_fn() exit race

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

0.00088EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:56 p.m.27 views

CVE-2026-46025

CVE-2026-46025 relates to a kernel race between damon_call()/damos_walk() and kdamond termination that could leak memory or deadlock. The connected openSUSE advisory confirms openSUSE Tumbleweed users should upgrade to kernel-devel-7.0.11-1.1 (and mentions the CVE in their 2026-10954 advisory). T...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder