Lucene search
+L

377 matches found

cve
cve
added 2026/05/13 3:8 p.m.30 views

CVE-2026-43484

CVE-2026-43484 – Linux kernel MMC core : The vulnerability stems from concurrent updates to bitfield flags (claimed and retune_now) sharing a word, enabling write–overwrite of other bits in async contexts and triggering spurious WARN_ON(!host->claimed). The fix moves claimed, can_retune, retun...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References7Affected Software1
redhatcve
redhatcve
added 2026/05/08 8:17 p.m.19 views

CVE-2026-43358

A flaw was found in the Linux kernel's btrfs filesystem. A missing Read-Copy Update RCU unlock in an error path within the tryreleasesubpageextentbuffer function could lead to system instability. This issue, identified by a thread-safety analyzer, may result in a denial of service condition,...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
cve
cve
added 2026/05/08 2:21 p.m.26 views

CVE-2026-43358

CVE-2026-43358 affects the Linux kernel's btrfs filesystem. The vulnerability is a missing RCU unlock in the error path of try_release_subpage_extent_buffer(), where rcu_read_lock() should be held before exiting the loop because an rcu_read_unlock() occurs past the loop. The issue was identified ...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/05/04 1:12 p.m.9 views

JLSEC-2026-427 When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in...

When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...

6.3CVSS6.7AI score0.00106EPSS
Exploits0References5
fedora
fedora
added 2026/04/25 1:54 a.m.9 views

[SECURITY] Fedora 44 Update: dtk6log-6.7.32-3.fc44

Simple, convenient and thread safe logger for Qt-based C++ apps...

5.2AI score
Exploits0
f5
f5
added 2026/04/21 8:25 p.m.13 views

K000160935: Curl vulnerability CVE-2025-14017

Security Advisory Description When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific...

6.3CVSS5.7AI score0.00106EPSS
Exploits0
redhat
redhat
added 2026/04/07 7:47 a.m.11 views

freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event

A heap buffer use after free has been discovered in FreeRDP. ainputsendinputevent caches channelcallback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free...

8.7CVSS5.9AI score0.00467EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/04/03 3:53 p.m.4 views

CVE-2026-23420

A flaw was found in the Linux kernel's wlcore Wi-Fi driver. This vulnerability involves an improper handling of a locking mechanism, specifically the wl-mutex. This can lead to system instability or unexpected behavior. The issue was identified by a thread-safety analyzer. Mitigation To mitigate...

5.5CVSS5.9AI score0.00091EPSS
Exploits0References4
euvd
euvd
added 2026/04/03 3:30 p.m.6 views

EUVD-2026-18637

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...

5.7AI score0.00091EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2026/04/03 2:16 p.m.5 views

CVE-2026-23420

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References8
osv
osv
added 2026/04/03 2:16 p.m.8 views

UBUNTU-CVE-2026-23420

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References9
cve
cve
added 2026/04/03 1:24 p.m.23 views

CVE-2026-23420

CVE-2026-23420 affects the Linux kernel wlcore Wi‑Fi driver. The issue is a locking-order bug where wl->mutex could be unlocked without being held, as identified by a Clang thread-safety analyzer. This is associated with potential synchronization instability; patches exist in Rootio‑Linux pack...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References8Affected Software1
osv
osv
added 2026/04/03 1:24 p.m.2 views

CVE-2026-23420 wifi: wlcore: Fix a locking bug

In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: Fix a locking bug Make sure that wl-mutex is locked before it is unlocked. This has been detected by the Clang thread-safety analyzer...

5.5CVSS5.8AI score0.00091EPSS
Exploits0References11
hackerone
hackerone
added 2026/03/30 9:50 p.m.11 views

curl: Use-After-Free race condition in url_move_hostname() via shared connection pool

Summary: In lib/url.c, urlconnreuseadjust calls urlmovehostname which frees conn-host.rawalloc and conn-host.encalloc via Curlsafefree and Curlfreeidnconvertedhostname after Curlcpoolfind has already released the connection pool lock. A second thread doing a concurrent pool lookup still holds tha...

5.9AI score
Exploits0
openvas
openvas
added 2026/03/16 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1478)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.01301EPSS
Exploits5References2
euvd
euvd
added 2026/02/25 8:27 p.m.6 views

EUVD-2026-8733

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...

6.9CVSS5.5AI score0.00587EPSS
Exploits1References10
osv
osv
added 2026/02/25 7:23 p.m.4 views

GHSA-X43W-PH7M-PFJX hexchat crate has a Use After Free vulnerability

All versions of this crate have function deregistercommand which can result in use after free. This is unsound. In addition, all versions since 0.3.0 have "safe" macros, which are documented as unsafe to use in threads. In addition, the hexchat crate is no longer actively maintained. If users rel...

9.2CVSS5.5AI score
Exploits0References3
github
github
added 2026/02/25 7:23 p.m.15 views

hexchat crate has a Use After Free vulnerability

All versions of this crate have function deregistercommand which can result in use after free. This is unsound. In addition, all versions since 0.3.0 have "safe" macros, which are documented as unsafe to use in threads. In addition, the hexchat crate is no longer actively maintained. If users rel...

5.4AI score
Exploits0References3Affected Software1
osv
osv
added 2026/02/14 4:1 p.m.6 views

CVE-2026-23150 nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame().

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to sockerrors...

5.5CVSS5.2AI score0.00115EPSS
Exploits0References10
fedora
fedora
added 2026/02/11 1:0 a.m.9 views

[SECURITY] Fedora 42 Update: rust-git2-0.20.4-1.fc42

Bindings to libgit2 for interoperating with git repositories. This library is both threadsafe and memory safe and allows both reading and writing git repositories...

7.5CVSS5.5AI score0.00443EPSS
Exploits1
Rows per page
Query Builder