VIR Vulnerability Intelligence Relay

Search

Found 1,127 results in 153ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-31593 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Reject synchronizing vCPU state to its associated VM…
CVE-2026-31590 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION Drop the WARN in sev_pin_memory() on npages overflowing an in…
CVE-2026-31561 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask Commit in Fixes added the FRED CR4 bit to the CR4 pinned bits mask so …
CVE-2026-31555 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futex_lock_pi() retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex…
CVE-2026-31546 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_has…
CVE-2026-6920 critical 9.6 9.6 FIX debian debian linux-kernel google 1mo ago Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
CVE-2026-6919 critical 9.6 9.6 FIX debian debian linux-kernel google 1mo ago Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-31523 medium 4.7 4.7 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during…
CVE-2026-31521 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol st_shndx is out of bounds The module loader doesn't check for bounds of the ELF section in…
CVE-2026-31515 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to trigger a crash in skb_put() [1] Issue is that pfkey_send_m…
CVE-2026-31496 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: skip expectations in other netns via proc Skip expectations that do not reside in this netns. Si…
CVE-2026-31466 medium 4.7 4.7 FIX debian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix folio isn't locked in softleaf_to_folio() On arm64 server, we found folio that get from migration entry isn't…
CVE-2026-31429 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2 va…
CVE-2026-6364 medium 6.5 6.5 FIX debian debian google 2mo ago Out of bounds read in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted file. (Chromium security se…
CVE-2026-6362 medium 4.3 4.3 FIX debian debian google 2mo ago Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted video file. (Chromium security severity: H…
CVE-2026-6296 critical 9.6 9.6 FIX debian debian linux-kernelmacos macos google 2mo ago Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-6298 medium 4.3 4.3 FIX debian debian linux-kernelmacos macos google 2mo ago Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secu…
CVE-2026-5919 medium 6.5 6.5 FIX debian debian linux-kernelmacos macos google 2mo ago Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a …
CVE-2026-5911 medium 4.3 4.3 FIX debian debian linux-kernelmacos macos google 2mo ago Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-5890 medium 5.3 5.3 FIX debian debianmacos macos linux-kernel google 2mo ago Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severit…
CVE-2026-5867 medium 4.3 4.3 FIX debian debian linux-kernelmacos macos google 2mo ago Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secu…
CVE-2026-31789 critical 9.8 9.8 FIX slesdebian debian opensslgoogle 2mo ago Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a cr…
CVE-2026-23442 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU …
CVE-2026-5273 medium 6.3 6.3 FIX debian debianmacos macos linux-kernel google 2mo ago Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-23399 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: nf_tables: nft_dynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the el…
CVE-2026-23302 medium 4.7 4.7 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers whi…
CVE-2026-33176 medium 5.5 FIX slesdebian debian google 2mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept str…
CVE-2026-33170 medium 5.5 FIX slesdebian debian google 2mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `SafeBuffer#%` does not propagate the `@…
CVE-2026-33169 medium 5.5 FIX slesdebian debian google 2mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. `NumberToDelimitedConverter` uses a lookahead-based regular expression with `gsub!` to in…
CVE-2026-23277 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb,…
CVE-2026-23255 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Re…
CVE-2026-0915 medium 5.5 FIX rocky rheldebian debian google 4mo ago RHSA-2026:4772: glibc security update (Moderate)
CVE-2026-0861 medium 5.5 FIX rheldebian debian sles google 4mo ago Moderate: glibc security update
CVE-2025-15281 medium 5.5 FIX rocky rheldebian debian google 4mo ago RHSA-2026:4772: glibc security update (Moderate)
CVE-2026-23157 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 4mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 …
CVE-2025-40135 medium 5.5 FIX rocky rhel sles google 4mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.
CVE-2025-71161 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 4mo ago In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause deni…
CVE-2025-22116 medium 5.5 FIX rhel slesdebian debian google 7mo ago In the Linux kernel, the following vulnerability has been resolved: idpf: check error for register_netdev() on init Current init logic ignores the error code from register_netdev(), which will caus…
CVE-2023-6460 medium 5.5 5.5 google 3y ago Logging of the firestore key within nodejs-firestore
CVE-2022-40897 medium 5.5 FIX rhel rocky sles google 3y ago RHSA-2024:2987: python27:2.7 security update (Moderate)
CVE-2022-2160 medium 6.5 6.5 FIX debian debianfedora fedora google 4y ago Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitiv…
CVE-2017-5120 medium 6.5 6.5 FIX arch archmacos macos linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5119 medium 4.3 4.3 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5118 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5117 medium 6.5 6.5 FIX arch arch linux-kerneldebian debian google 9y ago multiple issues in chromium
CVE-2017-5110 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5109 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5107 medium 5.3 5.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5106 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5105 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5104 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5103 medium 4.3 4.3 FIX arch archmacos macos linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5102 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5101 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5096 medium 4.3 4.3 google 9y ago Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a…
CVE-2017-5094 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5093 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5090 medium 6.5 6.5 macos macos google 9y ago Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name containing a U+0620 character…
CVE-2017-5089 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5086 medium 6.5 6.5 FIX arch archmacos macos rhel google 9y ago multiple issues in chromium
CVE-2017-5083 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5082 medium 5.5 5.5 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5079 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5076 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5075 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5072 medium 6.5 6.5 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5071 medium 6.3 6.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5069 medium 6.1 6.1 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5067 medium 6.5 6.5 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5066 medium 6.5 6.5 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5065 medium 4.7 4.7 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5061 medium 5.3 5.3 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5060 medium 6.5 6.5 FIX arch arch rhel linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5053 critical 9.6 9.6 FIX arch arch rhel linux-kernel google 9y ago arbitrary code execution in chromium
CVE-2015-1239 medium 6.5 6.5 FIX slesdebian debian uclouvaingoogle 9y ago Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a craf…
CVE-2015-1206 medium 5.5 5.5 google 9y ago Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file.
CVE-2015-1207 medium 6.5 6.5 FIX debian debian google 9y ago Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.
CVE-2016-5178 critical 9.8 9.8 FIX arch archdebian debiansuse suse google 9y ago arbitrary code execution in chromium
CVE-2017-9045 medium 5.9 5.9 google 9y ago The Google I/O 2017 application before 5.1.4 for Android downloads multiple .json files from http://storage.googleapis.com without SSL, which makes it easier for man-in-the-middle attackers to spoof …
CVE-2017-5046 medium 4.3 4.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5045 medium 6.1 6.1 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5044 medium 6.3 6.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5042 medium 5.7 5.7 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5041 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5040 medium 4.3 4.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5038 medium 6.3 6.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5033 medium 4.3 4.3 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2014-9654 critical 9.8 9.8 FIX debian debian googleicu-project 9y ago The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring tha…
CVE-2013-6647 critical 9.8 9.8 google 9y ago A use-after-free in AnimationController::endAnimationUpdate in Google Chrome.
CVE-2017-5027 medium 4.3 4.3 google 9y ago Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to properly enforce unsafe-inline content security policy, which allowed a remote attacke…
CVE-2017-5026 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5025 medium 5.5 5.5 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5024 medium 5.5 5.5 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5023 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5022 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5021 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5020 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5019 medium 6.3 6.3 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5018 medium 6.1 6.1 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5017 medium 4.3 4.3 FIX arch arch google 9y ago multiple issues in chromium