Lucene search
K

149 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer – Setting a lower limit for the start tick time Currently, the ALSA timer does not have a lower limit for the start tick time. It allows a very small size, for example, 1 tick with a resolution of 1 ns for the hrtimer...

5.5CVSS6.1AI score0.00642EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/i8259: The legacy PIC interrupts have been marked with the IRQLEVEL flag. Baoquan reported that after triggering a crash, the subsequent boot process fails about half of the time. This occurs due to a NULL pointer dereference...

5.5CVSS5.8AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobed. Registering a kprobe for rcuirqenterchecktick can cause a kernel stack overflow, as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and...

5.5CVSS5.8AI score0.00158EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 2:17 p.m.9 views

CVE-2026-45968

In the Linux kernel, the following vulnerability has been resolved: cpuidle: Skip governor when only one idle state is available On certain platforms PowerNV systems without a power-mgt DT node, cpuidle may register only a single idle state. In cases where that single state is a polling state sta...

5.5CVSS0.0013EPSS
Exploits0References8
NVD
NVD
added 2026/05/21 6:16 p.m.12 views

CVE-2026-48239

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tickid POST parameter is concatenated into the WHERE clause of SELECT statements in the incidents summary report without sanitization. Authenticated attackers can craft requests that alter query...

7.1CVSS0.00214EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 6:16 p.m.13 views

CVE-2026-48240

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS0.00218EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 5:10 p.m.8 views

CVE-2026-48240 Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS5.9AI score0.00218EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/21 5:10 p.m.46 views

CVE-2026-48240 Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS0.00218EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 5:10 p.m.13 views

EUVD-2026-31322

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...

7.1CVSS5.9AI score0.00218EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 5:10 p.m.6 views

CVE-2026-48239 Open ISES Tickets < 3.44.2 SQL Injection via ajax/reports.php tick_id Parameter

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tickid POST parameter is concatenated into the WHERE clause of SELECT statements in the incidents summary report without sanitization. Authenticated attackers can craft requests that alter query...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 5:10 p.m.10 views

EUVD-2026-31320

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tickid POST parameter is concatenated into the WHERE clause of SELECT statements in the incidents summary report without sanitization. Authenticated attackers can craft requests that alter query...

7.1CVSS5.9AI score0.00214EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42518

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tick id and f tick id POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests...

7.1CVSS5.9AI score0.00218EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.6 views

SUSE CVE-2026-43323

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...

5.8AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his...

5.5CVSS6AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:11 p.m.3 views

CVE-2026-32723

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.35, SandboxJS timers have an execution-quota bypass. A global tick state currentTicks.current is shared between sandboxes. Timer string handlers are compiled at execution time using that global tick state rather than the scheduling...

4.8CVSS6AI score0.00148EPSS
Exploits1References1
NVD
NVD
added 2026/03/18 10:16 p.m.3 views

CVE-2026-32723

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.35, SandboxJS timers have an execution-quota bypass. A global tick state currentTicks.current is shared between sandboxes. Timer string handlers are compiled at execution time using that global tick state rather than the scheduling...

4.8CVSS0.00148EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/18 9:27 p.m.2 views

CVE-2026-32723

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.35, SandboxJS timers have an execution-quota bypass. A global tick state currentTicks.current is shared between sandboxes. Timer string handlers are compiled at execution time using that global tick state rather than the scheduling...

4.8CVSS5.9AI score0.00148EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-25822

Summary Assumed repo path is /Users/zwique/Downloads/SandboxJS-0.8.34 no /Users/zwique/Downloads/SandboxJS found. A global tick state currentTicks.current is shared between sandboxes. Timer string handlers are compiled at execution time using that global tick state rather than the scheduling...

4.8CVSS5.9AI score0.00148EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005480 advisory. In the Linux kernel, the following vulnerability has been resolved: tick/broadcast: Move per CPU pointer access into the atomic section The recent fix for making the...

5.5CVSS6.8AI score0.00221EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993297 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...

5.5CVSS6.1AI score0.00642EPSS
Exploits0References4
Rows per page
Query Builder