164567 matches found
CVE-2026-14647
A weakness has been identified in onnx up to 1.21.x. This vulnerability affects the function convPoolShapeInferenceopset19 of the file onnx/defs/nn/old.cc of the component onnxruntime. This manipulation causes out-of-bounds read. It is possible to initiate the attack remotely. The exploit has bee...
CVE-2026-53362
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...
EUVD-2026-41668
In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...
CVE-2026-53361
The CVE-2026-53361 vulnerability affects the Linux kernel’s af_unix path, where unix_gc() could observe gc_in_progress as false due to race conditions when scheduling GC work. The fix sets gc_in_progress to true inside unix_gc(), addressing a window where GC could be re-entered or confused by MSG...
CVE-2026-53360
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...
GHSA-GG9X-QCX2-XMRH vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2026-49852 vulnerabilities
Vulnerabilities for packages: airflow...
GHSA-GG9X-QCX2-XMRH vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2026-49852 vulnerabilities
Vulnerabilities for packages: airflow...
CVE-2025-71364
picklescan before 0.0.30 fails to detect the asyncio.unixevents.UnixSubprocessTransport.start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when...
EUVD-2025-210419
picklescan before 0.0.30 fails to detect the asyncio.unixevents.UnixSubprocessTransport.start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when...
GHSA-29PF-2H5F-8G72 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, text-generation-inference...
CVE-2025-14813 vulnerabilities
Vulnerabilities for packages: sonarqube...
CVE-2026-4372 vulnerabilities
Vulnerabilities for packages: tritonserver-backend-vllm-cuda-12.9, text-generation-inference...
GHSA-574F-3G2M-X479 vulnerabilities
Vulnerabilities for packages: sonarqube...
CVE-2026-48816 vulnerabilities
Vulnerabilities for packages: pulumi...
CVE-2026-42998 vulnerabilities
Vulnerabilities for packages: openstack-keystone-2026.1-fips, openstack-keystone-2025.1, openstack-keystone-2025.2, openstack-keystone-2026.1, openstack-keystone-2025.1-fips, openstack-keystone-2025.2-fips...
GHSA-2R23-2G6V-2M5F vulnerabilities
Vulnerabilities for packages: openstack-keystone-2026.1-fips, openstack-keystone-2025.1, openstack-keystone-2025.2, openstack-keystone-2026.1, openstack-keystone-2025.1-fips, openstack-keystone-2025.2-fips...
CVE-2026-9673 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards, opensearch-dashboards-fips...
GHSA-XGJW-PM74-86Q4 vulnerabilities
Vulnerabilities for packages: pulumi...