VIR Vulnerability Intelligence Relay

Search

Found 24,370 results in 1333ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-33811 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 29d ago When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
CVE-2026-8086 high 7.8 7.8 FIX debian debian osgeo 29d ago A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName lead…
CVE-2026-44244 high 7.8 7.8 FIX slesdebian debian gitpython_project 29d ago GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath
CVE-2026-42215 high 8.8 8.8 FIX slesdebian debian gitpython_project 29d ago GitPython has Command Injection via Git options bypass
CVE-2026-42011 high 7.4 7.4 FIX debian debian sleswindows windows 1mo ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-8093 high 8.1 8.1 FIX debian debian sles mozilla 1mo ago Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary …
CVE-2026-42285 high 7.5 7.5 FIX debian debian osrg 1mo ago GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending…
CVE-2026-41643 high 7.5 7.5 FIX debian debian osrg 1mo ago GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP where a mal…
CVE-2026-41642 high 7.5 7.5 FIX debian debian osrg 1mo ago GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil poin…
CVE-2026-42010 high 7.1 7.1 FIX debian debian sles rhel gnuredhat 1mo ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-4430 high 7.8 7.8 FIX debian debian sles libreoffice 1mo ago Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2…
CVE-2026-44602 high 7.5 7.5 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.
CVE-2026-44601 high 7.5 7.5 FIX debian debian torproject 1mo ago Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.
CVE-2026-41675 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML node injection through unvalidated processing instruction serialization
CVE-2026-41674 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML injection through unvalidated DocumentType serialization
CVE-2026-41673 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom: Uncontrolled recursion in XML serialization leads to DoS
CVE-2026-41672 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML node injection through unvalidated comment serialization
CVE-2026-41142 high 8.8 8.8 slesdebian debian openexr 1mo ago OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-33636 high 8.0 FIX rheldebian debian sles 1mo ago Important: thunderbird security update
CVE-2026-33554 high 7.5 7.5 FIX rheldebian debian sles 1mo ago ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform m…
CVE-2026-0897 high 8.0 debian debian 1mo ago Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (…
CVE-2026-44307 high 8.0 FIX debian debianwindows windows 1mo ago Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup
CVE-2026-40171 high 8.0 debian debian 1mo ago In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 an…
CVE-2026-44243 high 7.1 7.1 FIX slesdebian debian gitpython_project 1mo ago GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository
CVE-2026-8018 high 8.1 8.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security…
CVE-2026-8016 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-8007 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a cra…
CVE-2026-8002 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Audio in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-8001 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v…
CVE-2026-8000 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium se…
CVE-2026-7997 high 7.8 7.8 FIX debian debianmacos macoswindows windows google 1mo ago Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium …
CVE-2026-7995 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Mediu…
CVE-2026-7994 high 7.8 7.8 FIX debian debianwindows windows google 1mo ago Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium securit…
CVE-2026-7992 high 8.8 8.8 FIX debian debian linux-kernelwindows windows google 1mo ago Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute…
CVE-2026-7991 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch…
CVE-2026-7990 high 7.8 7.8 FIX debian debianwindows windows google 1mo ago Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chrom…
CVE-2026-7988 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7987 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7985 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…
CVE-2026-7984 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML …
CVE-2026-7981 high 8.1 8.1 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds read in Codecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security…
CVE-2026-7980 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7978 high 8.1 8.1 FIX debian debianmacos macoswindows windows google 1mo ago Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. (Chromium se…
CVE-2026-7976 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Ch…
CVE-2026-7975 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. …
CVE-2026-7974 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7973 high 8.8 8.8 FIX debian debianwindows windows google 1mo ago Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Med…
CVE-2026-7970 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-7967 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es…
CVE-2026-7963 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a …
CVE-2026-7957 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 1mo ago Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a cr…
CVE-2026-7956 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…
CVE-2026-7951 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7948 high 7.5 7.5 FIX debian debianwindows windows google 1mo ago Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
CVE-2026-7940 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome …
CVE-2026-7938 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7930 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security sev…
CVE-2026-7929 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML …
CVE-2026-7928 high 8.8 8.8 FIX debian debianwindows windows google 1mo ago Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: …
CVE-2026-7927 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7926 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-7925 high 7.8 7.8 FIX debian debianwindows windows google 1mo ago Use after free in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Hi…
CVE-2026-7923 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-7922 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7921 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7920 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
CVE-2026-7919 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Aura in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
CVE-2026-7918 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…
CVE-2026-7917 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte…
CVE-2026-7916 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a…
CVE-2026-7914 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cra…
CVE-2026-7913 high 7.8 7.8 FIX debian debianwindows windows google 1mo ago Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severi…
CVE-2026-7911 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Use after free in Aura in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML…
CVE-2026-7907 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7906 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in SVG in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7905 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sand…
CVE-2026-7903 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 1mo ago Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:…
CVE-2026-7902 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-7901 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 1mo ago Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7900 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
CVE-2026-7899 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
CVE-2026-7898 high 8.8 8.8 FIX debian debian linux-kernelwindows windows google 1mo ago Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
CVE-2026-7897 high 7.5 7.5 FIX debian debianmacos macoswindows windows google 1mo ago Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML p…
CVE-2026-7896 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-33079 high 8.0 FIX slesdebian debianwindows windows 1mo ago Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input
CVE-2024-27354 high 8.0 FIX debian debian 1mo ago phpseclib: guardrails needed on isPrime and randomPrime
CVE-2026-42503 high 8.8 8.8 debian debian 1mo ago gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit host (e.g. :8080), or -port is used, gopl…
CVE-2026-6691 high 7.8 7.8 FIX debian debian 1mo ago The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may b…
CVE-2026-6210 unknown FIX slesdebian debianwindows windows 1mo ago A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image. When processing SVG marker references, the renderer retrieves a node by its id at…
CVE-2026-43283 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle dma_free_coherent() in error path takes priv->rx_buf.alloc_len as the d…
CVE-2026-43281 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() Although it is guided that `#mbox-cells` must be at least 1, there…
CVE-2026-43280 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise When user provides a bogus pat_index value through th…
CVE-2026-43279 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode befor…
CVE-2026-43278 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq->bio values have been observed to cause double-initia…
CVE-2026-43276 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix double destroy_workqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free cra…
CVE-2026-43274 high 8.4 8.4 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() The cluster_cfg array is dynamically allocated…
CVE-2026-43263 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts h…
CVE-2026-43260 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is delete…
CVE-2026-43258 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruptio…
CVE-2026-43256 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() vfe_isr() iterates using MSM_VFE_IMAGE_MASTERS_NUM(7) a…