Lucene search
+L

1549 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: Fixed an incorrect offset in biotruncate The biotruncate function clears the buffer outside of the last block of bdev. However, the current implementation of biotruncate uses the wrong offset for the page. As a result, it...

7.5CVSS5.8AI score0.00915EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in Samba. Users of Samba AD can cause the server to access uninitialized data through an LDAP add or modify request, typically resulting in a segmentation fault...

8.1CVSS6.5AI score0.00904EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ip6tunnel: Ensure that the inner header is pulled in ip6tnlrcv. syzbot found that ip6tnlrcv could access unitized data 1. Call pskbinetmaypull to fix this, and initialize the ipv6h variable after this call, as it can change...

5.5CVSS6.4AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fixed the information leak in the triggered buffer. The data array is allocated using kmalloc, and it is used to push data to user space from the triggered buffer. However, it does not set values...

7.1CVSS6.4AI score0.00214EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.10 views

PT-2026-42006

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description When decoding a HEIF grid image with strict decoding set to false the default, a corrupted tile may fail to decode silently. The library returns heif error Ok without indicating failure, resulting i...

7.1CVSS5.8AI score0.00343EPSS
Exploits1References76
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43349

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

5.6CVSS5.7AI score0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.11 views

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017661)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017661 advisory. curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used to send...

3.1CVSS5.9AI score0.04385EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017588)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017588 advisory. curl supports the -t command line option, known as CURLOPTTELNETOPTIONSin libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Du...

5.3CVSS5.8AI score0.04929EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/08 7:52 p.m.17 views

CVE-2026-43351

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for arm64 architectures. When a virtual Generic Interrupt Controller GIC is created, a failure in the vgicallocateprivateirqslocked function can leave internal data structures uninitialized. This can lead to a system crash wh...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/05/08 2:16 p.m.13 views

CVE-2026-43349

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

5.5CVSS0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 2:16 p.m.12 views

UBUNTU-CVE-2026-43291

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter validation for packet data Since commit 9c328f54741b "net: nfc: nci: Add parameter validation for packet data" communication with nci nfc chips is not working any more. The mentioned commit tries to f...

8.3CVSS5.7AI score0.00269EPSS
Exploits0References18
OSV
OSV
added 2026/05/08 1:41 p.m.3 views

CVE-2026-43349 f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

5.5CVSS5.9AI score0.00112EPSS
Exploits0References6
CVE
CVE
added 2026/05/08 1:11 p.m.21 views

CVE-2026-43291

CVE-2026-43291 affects the Linux kernel NFC NCI subsystem. A parameter validation flaw for variable-length data packets can trigger a DoS by breaking NFC communication with NCI chips. Root cause: code compared variable-length packet data against a maximum length derived from sizeof(struct), ignor...

8.3CVSS5.8AI score0.00269EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/05/08 1:11 p.m.5 views

CVE-2026-43291 net: nfc: nci: Fix parameter validation for packet data

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter validation for packet data Since commit 9c328f54741b "net: nfc: nci: Add parameter validation for packet data" communication with nci nfc chips is not working any more. The mentioned commit tries to f...

8.3CVSS5.8AI score0.00269EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/05/08 1:11 p.m.41 views

CVE-2026-43291 net: nfc: nci: Fix parameter validation for packet data

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter validation for packet data Since commit 9c328f54741b "net: nfc: nci: Add parameter validation for packet data" communication with nci nfc chips is not working any more. The mentioned commit tries to f...

8.3CVSS0.00269EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: add a bunch of missing cephpathinfo initializers cephmdscbuildpath must be called with a zero-initialized cephpathinfo parameter, or else the following...

7.8CVSS6.9AI score0.00129EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.17 views

PT-2026-39000

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the f2fs file system where the f2fs finish read bio function may access uninitialized data in a folio if the system fails to read data from the device into that folio...

9.8CVSS6AI score0.93235EPSS
Exploits55References291
RedhatCVE
RedhatCVE
added 2026/05/01 10:8 p.m.8 views

CVE-2026-31749

A flaw was found in the niatmio16d driver within the Comedi Comedi is a collection of drivers for data acquisition equipment subsystem of the Linux kernel. This vulnerability occurs when an error during the driver's attach process causes the cleanup function atmio16ddetach to be called with...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.8 views

SUSE CVE-2026-31626

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...

5.4CVSS5.4AI score0.00288EPSS
Exploits0References4
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31626

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize letmp64 in rtwBIPverify Initialize letmp64 to zero in rtwBIPverify to prevent using uninitialized data. Smatch warns that only 6 bytes are copied to this 8-byte u64 variable, leaving the last two...

7.1CVSS5.2AI score0.00288EPSS
Exploits0References1
Rows per page
Query Builder