Lucene search
K

206 matches found

NVD
NVD
added 2026/05/08 3:16 p.m.6 views

CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

5.5CVSS0.00095EPSS
Exploits0References8
OSV
OSV
added 2026/05/08 3:16 p.m.10 views

UBUNTU-CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

5.5CVSS5.4AI score0.00095EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.30 views

CVE-2026-43382 batman-adv: Avoid double-rtnl_lock ELP metric worker

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

0.00095EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multipl...

7.5CVSS7.1AI score0.00451EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 12:30 p.m.33 views

EUVD-2026-27815

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...

5.7AI score0.00451EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.8 views

CVE-2026-43254

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...

5.8AI score0.00451EPSS
Exploits0References4Affected Software1
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.17 views

GLiNER Guard: Unified Encoder Family for Production LLM Safety and Privacy

Production LLM systems require both safety moderation and PII detection under strict latency and cost constraints. This creates a trade-off: autoregressive moderators are accurate but expensive, while lightweight encoders are faster but less capable. We present GLiNER Guard GLiGuard, a unified...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-37594

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpn tcp recv, we receive large cloned skbs from strp rcv that may contain multiple coalesced packets. The current implementation has two bugs: 1...

5.7AI score0.00451EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.9 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the TDLS flag in the ieee80211tdlsoper function, which could result in a non-TDLS site...

7.1CVSS5.8AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 1:27 a.m.4 views

EUVD-2026-24041

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.8AI score0.00302EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/04/21 1:27 a.m.4 views

CVE-2026-39886

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.8AI score0.00302EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/30 10:52 p.m.6 views

CVE-2026-33872

elixir-nodejs provides an Elixir API for calling Node.js functions. A vulnerability in versions prior to 3.1.4 results in Cross-User Data Leakage or Information Disclosure due to a race condition in the worker protocol. The lack of request-response correlation creates a "stale response"...

7.1CVSS6AI score0.00315EPSS
Exploits0References1
Fedora
Fedora
added 2026/03/28 1:7 a.m.10 views

[SECURITY] Fedora 42 Update: htslib-1.23.1-1.fc42

HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools...

8.8CVSS5.8AI score0.00373EPSS
Exploits0
Fedora
Fedora
added 2026/03/28 12:46 a.m.8 views

[SECURITY] Fedora 43 Update: htslib-1.23.1-1.fc43

HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools...

8.8CVSS5.8AI score0.00373EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/27 8:1 p.m.28 views

CVE-2026-33872 elixir-nodejs has Cross-User Data Leakage or Information Disclosure due to Worker Protocol Race Condition

elixir-nodejs provides an Elixir API for calling Node.js functions. A vulnerability in versions prior to 3.1.4 results in Cross-User Data Leakage or Information Disclosure due to a race condition in the worker protocol. The lack of request-response correlation creates a "stale response"...

7.1CVSS0.00315EPSS
Exploits0References4
OSV
OSV
added 2026/03/26 6:23 p.m.4 views

GHSA-RWCR-RPCC-3G9M elixir-nodejs has Cross-User Data Leakage or Information Disclosure due to Worker Protocol Race Condition

Impact This vulnerability results in Cross-User Data Leakage or Information Disclosure due to a race condition in the worker protocol. The lack of request-response correlation creates a "stale response" vulnerability. Because the worker does not verify which request a response belongs to, it may...

7.1CVSS6AI score0.00315EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/03/20 12:0 a.m.19 views

NASimJax: GPU-Accelerated Policy Learning Framework for Penetration Testing

Penetration testing, the practice of simulating cyberattacks to identify vulnerabilities, is a complex sequential decision-making task that is inherently partially observable and features large action spaces. Training reinforcement learning RL policies for this domain faces a fundamental...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/18 7:55 p.m.5 views

CVE-2026-31971 HTSlib CRAM decoder vulnerable to buffer overflow

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTEARRAYLEN method, the crambytearraylendecode failed to validat...

7.1CVSS6.5AI score0.00336EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.7 views

HTSlib 安全漏洞

HTSlib is a C-language library file developed by samtools. Versions of HTSlib prior to 1.23.1, 1.22.2, and 1.21.1 have security vulnerabilities. These vulnerabilities stem from the bgzfindexloadhfile function, which involves integer overflows, potentially leading to heap buffer overflows...

8.1CVSS5.9AI score0.00451EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/26 10:35 p.m.4 views

CVE-2026-27695

zae-limiter is a rate limiting library using the token bucket algorithm. Prior to version 0.10.1, all rate limit buckets for a single entity share the same DynamoDB partition key namespace/ENTITYid. A high-traffic entity can exceed DynamoDB's per-partition throughput limits 1,000 WCU/sec, causing...

5.3CVSS5.5AI score0.00228EPSS
Exploits0References1
Rows per page
Query Builder