378 matches found
CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ovl: Fixed a UAF Use-After-Free in ovldentryupdatereval by moving the dput function within ovllinkup. The issue arose because dputupper was called before ovldentryupdatereval, while upper-dflags was still accessed in...
Astra Linux – Vulnerability in Linux 5.10, Linux
The mm/mremap.c file in the Linux kernel before version 5.13.3 contains a use-after-free issue due to a stale Translation Look-And-Reduce TLB table, as the rmap lock is not held during a PUD move...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fixed the issue where dereferencing the netdevpriv variable occurred before the type check, in cases where the event is triggered on non-DSA network devices. After the bug was reported, we began handling this...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Returns the firmware result upon destroying QP/RQ Previously, when destroying a QP/RQ, the result of the firmware destruction function was ignored, and the upper layers were not informed of the failure. This could...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: sock: The protection check for psock vs. ULP needs to be reimplemented. Commit 8a59f9d1e3d4 “sock: Introduce sk-skprot-psockupdateskprot” has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function....
hashcat 缓冲区错误漏洞
Hashcat is a high-performance password recovery and cracking tool developed by Hashcat developers. Version 7.1.2 of Hashcat contains a buffer overflow vulnerability. This vulnerability stems from the mangletohexlower and mangletohexupper functions in src/rpcpu.c, where stack-based buffer overflow...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the competition between the splitting of PUD entries and the concurrent reassembly process in the...
PT-2026-34361
In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault The splitting of a PUD entry in walk pud range can race with a concurrent thread refaulting the PUD leaf entry causing it to try walking a PMD range that has disappeared...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-013412)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013412 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: add validation for ringlen param The ringlen parameter provided by the virtual function VF ...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010872)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010872 advisory. In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of...
DeepGuard Secure Code Generation
Large Language Models LLMs for code generation can replicate insecure patterns from their training data. To mitigate this, a common strategy for security hardening is to fine-tune models using supervision derived from the final transformer layer. However, this design may suffer from a final-layer...
EUVD-2026-21146
nimiq-blockchain is missing a wall-clock upper bound on block timestamps...
CVE-2026-40093
nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...
CVE-2026-40093
The CVE describes a wall-clock upper bound omission in Nimiq’s block timestamp validation for the nimiq-blockchain Rust implementation (1.3.0 and earlier). Specifically, non-skip blocks enforce timestamp >= parent.timestamp and skip blocks enforce timestamp == parent.timestamp + MIN_PRODUCER_T...
PT-2026-31733
Name of the Vulnerable Software and Affected Versions nimiq-blockchain versions 1.3.0 and earlier Description nimiq-blockchain, used for persistent block storage in Nimiq's Rust implementation, has an issue where block timestamp validation lacks an upper bound check against the wall clock in...
core-rs-albatross 安全漏洞
core-rs-albatross is a Rust implementation of the Albatross protocol developed by Nimiq. Versions of core-rs-albatross 1.3.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a lack of upper limit checks on block timestamps, allowing malicious validators to set...
a-mailx (=0.1.0), a2a-acl (=0.0.15) +1346 more potentially affected by CVE-2026-34513 via aiohttp (>=0.13.1 <=3.13.3)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34513 Source advisory: OSV:GHSA-HCC4-C3V8-RX92...
CVE-2026-3216
Server-Side Request Forgery SSRF vulnerability in Drupal Drupal Canvas allows Server Side Request Forgery.This issue affects Drupal Canvas: from 0.0.0 before 1.1.1...
SUSE CVE-2026-23359
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...