Lucene search
K

854 matches found

OSV
OSV
added 2026/06/30 1:19 p.m.10 views

UBUNTU-CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.7AI score0.00243EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 12:1 p.m.11 views

EUVD-2026-40303

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

5.7CVSS5.7AI score0.00243EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/30 12:1 p.m.5 views

CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.8AI score0.00215EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38813

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

5.8AI score0.00307EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-52945

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5CVSS0.00307EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:26 p.m.5 views

CVE-2026-52945

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5CVSS5.7AI score0.00307EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/24 4:26 p.m.13 views

CVE-2026-52945

The CVE-2026-52945 entry describes a Linux kernel vulnerability in the WireGuard component where enabling threaded NAPI can cause the decryption path for a WireGuard peer to stall under heavy network load (notably with Cilium), effectively causing a DoS for that peer while other peers remain func...

7.5CVSS5.8AI score0.00307EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 4:26 p.m.32 views

CVE-2026-52945 Revert "wireguard: device: enable threaded NAPI"

In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. We have had three independent production user report...

7.5CVSS0.00307EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘wireguard: device: enable threaded NAPI’” This resolution corresponds to commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c, which is a commit from upstream. We have received three independent reports from production users...

7.5CVSS5.7AI score0.00307EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51839

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.15 and 6.1 Description An issue exists in the WireGuard driver where the decryption side can stop working completely for a specific peer under heavy networking load. This occurs when the system is under pressure and the...

7.5CVSS5.7AI score0.00307EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fixed a deadlock in the soft reset sequence. The soft reset sequence is currently executed from the threaded IRQ handler. Therefore, it cannot call disableirq because it internally waits for the IRQ handlers—i.e....

5.5CVSS5.7AI score0.00094EPSS
Exploits0References1
RustSec
RustSec
added 2026/06/11 12:0 p.m.11 views

Missing `Sync` bound on `PyCFunction::new_closure` closures

PyCFunction::newclosure and the temporary newclosurebound complement in the 0.21–0.22 series required the supplied closure to be Send + 'static but not Sync. The resulting PyCFunction is a Python callable that can be invoked from any Python thread, which means the closure may be called concurrent...

5.5AI score
Exploits0Affected Software1
RubySec
RubySec
added 2026/06/09 12:0 a.m.11 views

Net::IMAP: Denial of Service via incomplete raw argument validation

Summary Several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled input, an attacker can force the next command to be absorbed as a continuation of the first command. This will...

2.1CVSS5.7AI score0.00239EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/08 7:8 p.m.10 views

CVE-2026-46297

A flaw was found in the Linux kernel's libwx network driver. Incorrect handling of virtual function VF miscellaneous interrupts, specifically using requestthreadedirq with a null threaded handler and the IRQFONESHOT flag, can trigger a kernel warning. This issue may lead to system instability or...

5.5CVSS5.5AI score0.00112EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.41 views

CVE-2026-46297 net: libwx: use request_irq for VF misc interrupt

In the Linux kernel, the following vulnerability has been resolved: net: libwx: use requestirq for VF misc interrupt Currently, requestthreadedirq is used with a primary handler but a NULL threaded handler, while also setting the IRQFONESHOT flag. This specific combination triggers a WARNING sinc...

0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/08 3:46 p.m.13 views

EUVD-2026-35163

In the Linux kernel, the following vulnerability has been resolved: net: libwx: use requestirq for VF misc interrupt Currently, requestthreadedirq is used with a primary handler but a NULL threaded handler, while also setting the IRQFONESHOT flag. This specific combination triggers a WARNING sinc...

5.4AI score0.00112EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47369

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description An issue exists in the libwx network component where request threaded irq is used with a primary handler but a NULL threaded...

9.8CVSS5.4AI score0.00457EPSS
Exploits0References74
GithubExploit
GithubExploit
added 2026/06/02 10:53 a.m.169 views

Exploit for CVE-2026-8206

CVE-2026-8206 - Kirki WordPress Plugin Mass Exploit !Python...

9.8CVSS6AI score0.0126EPSS
Exploits5
Vulnrichment
Vulnrichment
added 2026/05/27 8:10 p.m.8 views

CVE-2026-47270 pam_usb: strtok() race condition in multi-threaded PAM hosts can corrupt deny_remote result

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb is a PAM module loaded into the host process sudo, login, GDM, GNOME Shell. Display managers such as GDM run multiple concurrent authentication threads. Three functions used by the denyremote...

6.3CVSS5.9AI score0.00108EPSS
Exploits0References3
Fedora
Fedora
added 2026/05/21 3:17 a.m.19 views

[SECURITY] Fedora 42 Update: mysql8.4-8.4.9-1.fc42

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

6.5CVSS7.3AI score0.00323EPSS
Exploits0
Rows per page
Query Builder