Lucene search
K

801 matches found

NVD
NVD
added 6 days ago6 views

CVE-2026-0276

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...

4.8CVSS0.00137EPSS
Exploits0References1
CVE
CVE
added 6 days ago6 views

CVE-2026-0276

CVE-2026-0276 describes a privilege escalation in Palo Alto Networks Cortex XDR Broker VM, enabling a locally authenticated user to perform actions as root. Public details in the provided documents are limited to the existence of a local-privilege escalation with low attack complexity and low imp...

4.8CVSS6AI score0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...

4.8CVSS0.00137EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.16 views

SUSE CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

6.5CVSS5.7AI score0.0016EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/05/28 3:54 a.m.14 views

CVE-2026-45870

A flaw was found in the Linux kernel's SUNRPC Sun Remote Procedure Call authentication GSS Generic Security Service module. This vulnerability occurs due to memory leaks in the XDR eXternal Data Representation decoding error paths within functions like gssxdecctx, gssxdecstatus, and gssxdecname...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32336

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

5.8AI score0.0016EPSS
Exploits0References9
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

5.5CVSS0.0016EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.13 views

UBUNTU-CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.42 views

CVE-2026-45870 SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

0.0016EPSS
Exploits0References8
CVE
CVE
added 2026/05/27 12:15 p.m.27 views

CVE-2026-45870

CVE-2026-45870 affects the Linux kernel’s SUNRPC auth_gss path. The issue is memory leaks in XDR decoding error paths caused by gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() allocating buffers via gssx_dec_buffer()/kmemdup() and returning on error without freeing previously allocated mem...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43737

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the SUNRPC auth gss component during XDR decoding error paths. The functions gssx dec ctx, gssx dec status, and gssx dec name allocate memory using gssx dec buffer,...

5.5CVSS5.7AI score0.0016EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.11 views

CVE-2026-45870

SUNRPC: authgss: fix memory leaks in XDR decoding error paths...

5.8AI score0.0016EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an XDR decoding error path in the SURNPROC authgss module. This error path fails to release the...

5.8AI score0.0016EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which...

5.5CVSS6.6AI score0.0016EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: svcrdma: Address an integer overflow Dan Carpenter reports: Commit 78147ca8b4a9 "svcrdma: Add a “parsed chunk list” data structure" from Jun 22, 2020 linux-next, leads to the following Smatch static checker warning:...

5.5CVSS6.5AI score0.00267EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFSD: The encoder for NFSv2 GETACL results has been completed. The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should now handle this automatically. This...

6.4AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the issue of loading the RxGK token to check bounds. The rxrpcpreparsexdryfsrxgk function reads the raw key length and ticket length from the XDR token as u32 values. It then rounds up each value by 4 before using th...

7.8CVSS6.1AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in krb5

The file “lib/kadm5/kadmrpcxdr.c” in MIT Kerberos 5 also known as krb5 before versions 1.20.2 and 1.21.x before version 1.21.1 exposes an uninitialized pointer. A remotely authenticated user can cause a Kadmind crash. This occurs because the function xdrkadm5principalentrec does not validate the...

6.5CVSS6.8AI score0.02791EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/01 1:55 p.m.3 views

CVE-2026-31696

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...

5.7AI score0.00129EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 1:55 p.m.6 views

CVE-2026-31696

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
Rows per page
Query Builder