Lucene search
K

38430 matches found

Vulnrichment
Vulnrichment
added 2026/03/25 2:19 p.m.4 views

CVE-2026-23514 Kiteworks Core before 9.2.2 is vulnerable to Improper Ownership Management

Kiteworks is a private data network PDN. Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch...

8.8CVSS5.8AI score0.0104EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 2:16 p.m.3 views

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS0.0036EPSS
Exploits0References3
OSV
OSV
added 2026/03/25 2:16 p.m.4 views

ALPINE-CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.0036EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 2:16 p.m.3 views

DEBIAN-CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS8.5AI score0.0036EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 1:34 p.m.6 views

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.0036EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/25 1:34 p.m.5 views

CVE-2026-3591

A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...

5.4CVSS5.8AI score0.0036EPSS
Exploits0
EUVD
EUVD
added 2026/03/25 12:30 p.m.3 views

EUVD-2026-15371

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

5.7AI score0.00119EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/25 12:30 p.m.2 views

EUVD-2026-15367

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.8AI score0.001EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/25 12:30 p.m.3 views

EUVD-2026-15298

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

5.7AI score0.00123EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/25 12:30 p.m.3 views

EUVD-2026-15331

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

5.8AI score0.00128EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/25 12:30 p.m.6 views

EUVD-2026-15233

In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucanreadbulkcallback, hanging the system. If the lengt...

5.6AI score0.00123EPSS
Exploits0References7
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.5CVSS0.001EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 11:16 a.m.4 views

CVE-2026-23379

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

5.5CVSS0.00119EPSS
Exploits0References8
NVD
NVD
added 2026/03/25 11:16 a.m.4 views

CVE-2026-23298

In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucanreadbulkcallback, hanging the system. If the lengt...

5.5CVSS0.00123EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.6 views

CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.8 views

CVE-2026-23306

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free in pm8001queuecommand Commit e29c47fe8946 "scsi: pm8001: Simplify pm8001taskexec" refactors pm8001queuecommand, however it introduces a potential cause of a double free scenario when it changes th...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References8
OSV
OSV
added 2026/03/25 11:16 a.m.4 views

UBUNTU-CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.5CVSS5.9AI score0.001EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.7 views

CVE-2026-23379

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.7 views

CVE-2026-23298

In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucanreadbulkcallback, hanging the system. If the lengt...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/03/25 11:16 a.m.3 views

UBUNTU-CVE-2026-23373

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Don't default to -EOPNOTSUPP in rsimac80211config This triggers a WARNON in ieee80211hwconfinit and isn't the expected behavior from the driver - other drivers default to 0 too...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References7
Rows per page
Query Builder