CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-45864 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range [valid : pos), if…
CVE-2026-45863 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers() The dw_i3c_master_i2c_xfers() function allocates memory for the xfer struct…
CVE-2026-45858 unknown FIX debian debian sles windows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1 When allocating initialized blocks from a large unwritten exte…
CVE-2026-45857 unknown FIX sles debian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up dereferencing the null pointer rn vi…
CVE-2026-45855 unknown FIX debian debian sles windows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: ata: libata-scsi: avoid Non-NCQ command starvation When a non-NCQ command is issued while NCQ commands are being executed, ata_sc…
CVE-2026-45854 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - unregister only available algorithm EIP93 has an options register. This register indicates which cr…
CVE-2026-45853 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() amdgpu_discovery_get_nps_info() internally allocates me…
CVE-2026-45851 unknown FIX debian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: efi: Fix reservation of unaccepted memory table The reserve_unaccepted() function incorrectly calculates the size of the memblock…
CVE-2026-45850 unknown FIX debian debian windows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: ipvs: skip ipv6 extension headers for csum checks Protocol checksum validation fails for IPv6 if there are extension headers befo…
CVE-2026-45849 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj() ocelot_port_xmit_inj() calls ocelot_can_inject() and oce…
CVE-2026-45848 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aa_sock_file_perm Deal with the potential that sock and sock-sk can be NULL during socket setup or tea…
CVE-2026-45847 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: net: remove WARN_ON_ONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances o…
CVE-2025-71309 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in ni_read_folio_cmpr Syzbot reported a task hung in ni_readpage_cmpr (now ni_read_folio_cmpr). This is ca…
CVE-2025-71308 unknown FIX sles debian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aie_destroy_context() is invoked during error handling i…
CVE-2025-71307 unknown FIX sles debian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug This patch removes the MCU halt and wait for halt procedures durin…
CVE-2025-71306 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec() KASAN reported a stack-out-of-bounds access in ima_appraise_measurement …
CVE-2025-71305 unknown FIX debian debian sles windows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: drm/display/dp_mst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong…
CVE-2025-71304 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disab…
CVE-2025-71303 unknown FIX debian debian sles 9d ago In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpm_on When autosuspend is triggered, driver rpm_on flag is set to indicate that …
CVE-2026-42761 critical 9.3 9.3 9d ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows B…
CVE-2026-42758 critical 9.8 9.8 9d ago Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through < 4.08.253.
CVE-2026-42757 critical 9.9 9.9 9d ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Path Traversal.This issue affects Webi…
CVE-2026-42756 critical 9.9 9.9 9d ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ludwig You QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly quickwebp all…
CVE-2026-42755 critical 9.3 9.3 9d ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: …
CVE-2026-42748 critical 9.9 9.9 9d ago Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through <= 5.4.…
CVE-2026-42747 critical 9.3 9.3 9d ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects …
CVE-2026-42740 critical 9.3 9.3 9d ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in tainacan Tainacan tainacan allows Blind SQL Injection.This issue affects Tainacan: from n/a throu…
CVE-2026-42727 critical 9.3 9.3 9d ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows B…
CVE-2026-42731 critical 9.8 9.8 9d ago Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a…
CVE-2026-45846 unknown FIX sles debian debian windows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() bareudp_fill_metadata_dst() passes bareudp->sock to udp_tunn…
CVE-2026-45845 unknown FIX sles debian debian windows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: fix NULL pointer dereference in class dump When a TAPRIO child qdisc is deleted via RTM_DELQDISC, taprio_graft…
CVE-2026-45844 unknown FIX sles debian debian windows windows google 9d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: arp_tables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arp_packet_match() unconditionally parses the ARP pay…
CVE-2026-45842 unknown FIX sles debian debian windows windows google 9d ago In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhc_init() accepts rslots == 0 as a valid configuration, with …
CVE-2026-45841 unknown FIX sles debian debian windows windows google 9d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO nf_osf_match_one() computes ctx->window % f->wss.val in the OSF_WS…
CVE-2026-45840 unknown FIX sles debian debian windows windows 9d ago In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with …
CVE-2026-45839 unknown FIX sles debian debian windows windows google 9d ago In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec() CO-RE accessor strings are colon-separated indices that desc…
CVE-2026-45838 unknown FIX sles debian debian windows windows google 9d ago In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroup_storage_get_next_key() list_next_entry() never returns NULL -- when the current element …
CVE-2026-45837 unknown FIX sles debian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arena_vm_close on fork arena_vm_open() only bumps vml->mmap_count but never registers the child VMA in…
CVE-2025-12686 critical 9.8 9.8 9d ago Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via …
CVE-2025-13392 critical 9.8 9.8 9d ago Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote atta…
CVE-2026-49002 critical 9.1 9.1 9d ago Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and mo…
CVE-2026-8760 critical 9.8 9.8 9d ago The Login with OTP plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.6. This is due to an incomplete fix for CVE-2024-11178: the rate-limit/lockout c…
CVE-2026-8450 critical 9.1 9.1 FIX debian debian sles 9d ago HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '| cm…
CVE-2026-49017 unknown FIX debian debian 9d ago In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty bu…
CVE-2026-44632 critical 9.5 9d ago Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`
CVE-2026-8959 critical 9.6 9.6 FIX rhel debian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8956 critical 9.8 9.8 FIX rhel debian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8953 critical 9.6 9.6 FIX rhel debian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8950 critical 9.3 9.3 FIX rhel debian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8401 critical 9.8 9.8 FIX rhel debian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-44985 critical 9.6 9.6 amirraminfar 9d ago Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, the WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: func(r *http.Request) bool { return true }, accepti…
CVE-2026-44966 critical 9.8 9.8 shepherdwind 9d ago Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the…
CVE-2026-9642 critical 9.8 9.8 deltaww 9d ago Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2026-44450 critical 9.9 9.9 9d ago Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the …
CVE-2026-44444 critical 9.1 9.1 9d ago Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the Spindle extension build pipeline calls bun install without the --ignore-scripts flag before running the static backend safety sca…
CVE-2026-44449 critical 9.1 9.1 9d ago Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory …
CVE-2026-44451 critical 9.3 9.3 9d ago Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous global…
CVE-2026-3660 critical 9.8 9.8 ibm 9d ago IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the ap…
CVE-2026-7251 critical 9.8 9.8 10d ago Eppendorf BioFlo 320 is vulnerable due to VNC server using a hard-coded password. If a remote attacker knows the network address of any BioFlo 320 model with remote access enabled, they can gain full…
CVE-2026-46624 critical 9.9 9.9 twenty 10d ago Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution (RCE) vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. I…
CVE-2026-44668 critical 9.8 9.8 10d ago FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invo…
CVE-2026-9170 critical 9.8 9.8 ibm 10d ago IBM HTTP Server 8.5, and 9.0
CVE-2026-8633 critical 9.8 9.8 ibm 10d ago IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code executi…
CVE-2026-48902 critical 9.8 9.8 joomla 10d ago The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set.
CVE-2026-48691 critical 9.8 9.8 FIX debian debian pavel-odintsov 10d ago FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the IPv4UnicastAnnounce::get_attributes() function computes attr…
CVE-2026-45836 unknown FIX sles debian debian windows windows 10d ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb() Add the same NULL guard already present in l2cap_sock_resume…
CVE-2026-45835 unknown FIX sles debian debian windows windows 10d ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() Add the same NULL guard already present in l2cap_sock_resu…
CVE-2026-45834 unknown FIX sles debian debian windows windows 10d ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_state_change_cb() Add the same NULL guard already present in l2cap_sock_resume…
CVE-2026-45721 critical 9.0 9.0 10d ago Algernon: handler.lua discovery walks parent directories above the server root
CVE-2026-44723 critical 9.9 9.9 vowpalwabbit 10d ago Vowpal Wabbit is a machine learning system. The workflow .github/workflows/python_checks.yml embeds ${{ github.event.pull_request.title }} directly inside double-quoted bash strings in four separate …
CVE-2026-35222 critical 9.8 9.8 joomla 10d ago Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.
CVE-2026-24212 critical 9.8 9.8 linux-kernel nvidia 10d ago NVIDIA Isaac Launchable for Linux contains a vulnerability where sensitive information is transmitted in clear text. A successful exploit of this vulnerability might lead to code execution, escalatio…
CVE-2025-36220 critical 9.8 9.8 ibm 10d ago IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, …
CVE-2026-8856 critical 9.1 9.1 linux-kernel ibm 10d ago IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.
CVE-2026-35221 critical 9.8 9.8 joomla 10d ago Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder.
CVE-2026-40383 critical 9.8 9.8 joomla 10d ago An improper validation of user-supplied input leads to a local file inclusion vulnerability.
CVE-2026-48899 critical 9.8 9.8 joomla 10d ago An improper access check allows privilege escalation through the com_users batch task.
CVE-2026-35223 critical 9.8 9.8 joomla 10d ago An improper access check allows unauthorized access to com_config webservice endpoints.
CVE-2026-48904 critical 9.8 9.8 joomla 10d ago An improper access check allows privilege escalation through the com_users group editing webservice endpoint.
CVE-2026-48898 critical 9.8 9.8 joomla 10d ago An improper access check allows privilege escalation through the com_users batch task.
CVE-2026-48686 critical 9.8 9.8 FIX debian debian pavel-odintsov 10d ago FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() …
CVE-2026-45247 critical 9.8 10.0 KEV mirasvit 10d ago Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying …
CVE-2026-9543 critical 9.8 9.8 10d ago A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipul…
CVE-2026-4480 critical 9.0 9.0 FIX sles debian debian rhel redhat samba 10d ago Important: samba security update
CVE-2026-7374 critical 9.9 9.9 sles windows windows 10d ago A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation whe…
CVE-2026-48784 unknown FIX debian debian 10d ago CVE-2026-48784: UrlGenerator Dot-Segment Encoding Skips Every Other Chained `../` or `./` → Generated URL Collapses Off-Route Under RFC 3986 Normalization
CVE-2026-48761 unknown FIX debian debian 10d ago CVE-2026-48761: HtmlSanitizer UrlAttributeSanitizer Misses URL Attributes on <object>, <applet>, <iframe>, <img> and the URL Inside <meta http-equiv="refresh"> content
CVE-2026-48760 unknown FIX debian debian 10d ago CVE-2026-48760: HtmlSanitizer URL Parser Deny Gates Underinclusive: Percent-Encoded BiDi Marks and Unicode Whitespace Bypass Visual-Spoofing Defense
CVE-2026-48747 unknown FIX debian debian 10d ago CVE-2026-48747: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
CVE-2026-48736 unknown FIX debian debian 10d ago CVE-2026-48736: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient
CVE-2026-48489 unknown FIX debian debian 10d ago CVE-2026-48489: Security Firewall Bypass via failure_forward Subrequest: Unauthenticated Access to access_control-Protected GET Routes
CVE-2026-46644 unknown FIX debian debian 10d ago symfony/polyfill-intl-idn: xn-- labels with ASCII-only Punycode payloads are treated as equivalent to their decoded form
CVE-2026-42496 critical 9.1 9.1 debian debian windows windows archive\ 10d ago Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. _make_special_file() passes the tar header's linkname to symlink() with…
CVE-2026-8094 critical 9.8 9.8 FIX rhel debian debian sles mozilla 10d ago RHSA-2026:20566: firefox security update (Important)
CVE-2026-48689 critical 9.8 9.8 FIX debian debian pavel-odintsov 10d ago FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hpp). Five methods (append_dynamic_buffer,…
CVE-2026-48687 critical 9.8 9.8 FIX debian debian pavel-odintsov 10d ago FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The _log() function in src/juniper_plugin/fastnetmon_juniper.php (l…
CVE-2026-2332 critical 9.1 9.1 FIX rhel debian debian sles eclipse 10d ago Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
CVE-2026-8376 critical 9.8 9.8 sles debian debian windows windows perl 10d ago Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of th…
CVE-2026-42774 critical 9.3 9.3 10d ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetEngine allows SQL Injection. This issue affects JetEngine: from n/a through 3.8.8.…
CVE-2026-42773 critical 9.3 9.3 10d ago Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection. This issue affects eMagicOne Store…