
1084 matches found

OSV
added 2025/12/03 11:44 a.m., 4 views

BIT-NGINX-GATEWAY-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3 CVSS, 6.8 AI score, 0.00371 EPSS
Exploits: 0, References: 3

RedHat Linux
added 2025/11/24 10:44 a.m., 4 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

6.6 AI score, 0.00194 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2025/11/16 12:0 a.m., 4 views

PT-2025-51636

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s DRM/radeon driver related to fence processing. Specifically, the radeon fence process function was unnecessarily called within the is signaled functio...

5.5 CVSS, 6 AI score, 0.00099 EPSS
Exploits: 0

Tenable Nessus
added 2025/11/14 12:0 a.m., 6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990913)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990913 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padata_do_parallel return -EBUSY Since commit...

5.5 CVSS, 6.1 AI score, 0.00185 EPSS
Exploits: 0, References: 4

NVD
added 2025/11/12 11:15 a.m., 4 views

CVE-2025-40176

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tls_strp_msg_hold fails Async decryption calls tls_strp_msg_hold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...

0.00166 EPSS
Exploits: 0, References: 5

Debian CVE
added 2025/11/12 10:53 a.m., 3 views

CVE-2025-40176

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tls_strp_msg_hold fails Async decryption calls tls_strp_msg_hold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...

5.2 AI score, 0.00166 EPSS
Exploits: 0

Tenable Nessus
added 2025/11/12 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990845 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate Fuzzing reports a possible deadlock in...

4.7 CVSS, 6.2 AI score, 0.0019 EPSS
Exploits: 0, References: 3

OSV
added 2025/11/11 3:19 p.m., 2 views

MAL-2025-116136 Malicious code in ocha-enting4-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3212c4b18f90e22e562a458469f9bb5267c4d6ed743d94cf4221f2619b59e441 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8 AI score
Exploits: 0

RedHat Linux
added 2025/11/11 9:13 a.m., 3 views

kernel: rxrpc: Fix missing locking causing hanging calls

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted e.g. because kafs saw a signal between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connecti...

4.7 CVSS, 6.7 AI score, 0.00161 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2025/11/11 9:13 a.m., 2 views

kernel: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write

In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write to bump the super block rwsem, preventing any freezes from happening while that write is in-flight. The freeze...

4.4 CVSS, 6.8 AI score, 0.00183 EPSS
Exploits: 0, References: 5

Tenable Nessus
added 2025/11/05 12:0 a.m., 1 view

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989035)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989035 advisory. In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotp_sendmsg: add result check for wait_event_interruptible Using wait_event_interruptibl...

5.5 CVSS, 6.1 AI score, 0.0021 EPSS
Exploits: 0, References: 4

Tenable Nessus
added 2025/11/05 12:0 a.m., 8 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989995 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: Fix wait_for_device_probe & deferred_probe_timeout interaction Mounting NFS rootfs was...

5.5 CVSS, 5.9 AI score, 0.00187 EPSS
Exploits: 0, References: 4

RedHat Linux
added 2025/11/03 4:0 p.m., 3 views

kernel: tls: separate no-async decryption request handling from async

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

7.8 CVSS, 5.7 AI score, 0.00144 EPSS
Exploits: 0, References: 5

AstraLinux
added 2025/11/01 10:54 a.m., 2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: md/raid1: The issue of stack memory usage after a return in the raid1_reshape function has been fixed. In the raid1_reshape function, the newpool is allocated on the stack and assigned to conf->r1bio_pool. This causes...

7.1 CVSS, 6.4 AI score, 0.00165 EPSS
Exploits: 0, References: 3

SUSE CVE
added 2025/10/29 12:25 a.m., 7 views

SUSE CVE-2025-40047

In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

4.7 CVSS, 6.4 AI score, 0.00194 EPSS
Exploits: 0, References: 13

Tenable Nessus
added 2025/10/29 12:0 a.m., 2 views

Siemens SIMATIC Devices Use After Free (CVE-2024-36904)

In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero in tcp_twsk_unique. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASL_MIN_LEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

7.8 CVSS, 6.3 AI score, 0.00614 EPSS
Exploits: 0, References: 4

OSV
added 2025/10/28 12:15 p.m., 2 views

UBUNTU-CVE-2025-40047

In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

5.7 AI score, 0.00194 EPSS
Exploits: 0, References: 21

EUVD
added 2025/10/28 11:48 a.m., 4 views

EUVD-2025-36480

In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by default in uio_hv_generic driver as the interrupt mask value is supposed to be controlled completely by the user space. If the mask b...

6.1 AI score, 0.00207 EPSS
Exploits: 0, References: 7

Debian CVE
added 2025/10/28 11:48 a.m., 4 views

CVE-2025-40047

In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

5.2 AI score, 0.00194 EPSS
Exploits: 0

CVE
added 2025/10/28 11:48 a.m., 21 views

CVE-2025-40047

CVE-2025-40047 affects the Linux kernel io_uring waitid path. The root cause was a race where a wait queue entry could remain due to cancellation in progress, leading to missed cleanup. The connected advisories confirm the fix as: always prune the wait queue entry in io_waitid_wait() on successfu...

6 AI score, 0.00194 EPSS
Exploits: 0, References: 3