VIR Vulnerability Intelligence Relay

Search

Found 26,310 results in 2604ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-59032 high 7.5 7.5 FIX rheldebian debian sles dovecotopen-xchange 1mo ago ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access t…
CVE-2025-40252 high 8.0 FIX slesdebian debian rhel 1mo ago Linux kernel (Azure) vulnerabilities
CVE-2026-42309 medium 5.5 5.5 FIX slesdebian debian python 1mo ago Pillow has a heap buffer overflow with nested list coordinates
CVE-2026-6321 high 7.5 7.5 FIX slesdebian debian openjsf 1mo ago fast-uri vulnerable to path traversal via percent-encoded dot segments
CVE-2026-43964 high 7.5 7.5 FIX slesdebian debianwindows windows postfix 1mo ago Postfix vulnerability
CVE-2026-42154 high 7.5 7.5 slesdebian debianwindows windows prometheus 1mo ago Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a…
CVE-2026-42151 high 7.5 7.5 FIX slesdebian debianwindows windows prometheus 1mo ago Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the client_secret field in the Azure AD remote write OAuth configuration (storage/remote/a…
CVE-2026-42146 medium 5.5 5.5 FIX debian debian 1mo ago CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it aga…
CVE-2026-42144 medium 6.1 6.1 FIX debian debian 1mo ago CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all…
CVE-2026-37459 high 7.5 7.5 FIX debian debian sleswindows windows 1mo ago FRR vulnerabilities
CVE-2026-29004 high 8.1 8.1 debian debian sles 1mo ago BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attac…
CVE-2026-42440 high 7.5 7.5 FIX debian debian apache 1mo ago OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader  Versions Affected:  before 2.5.9 before 3.0.0-M3  Description: The AbstractModelReader methods getOut…
CVE-2026-42027 critical 9.8 9.8 FIX debian debian apache 1mo ago Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description:  The ExtensionLoader.instantiateExtension(C…
CVE-2026-40682 critical 9.1 9.1 FIX debian debian apache 1mo ago XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor …
CVE-2026-37461 high 7.5 7.5 FIX debian debianubuntu ubuntu osrg 1mo ago GoBGP vulnerabilities
CVE-2026-37458 medium 6.5 6.5 FIX debian debian sleswindows windows frrouting 1mo ago FRR vulnerabilities
CVE-2025-70071 medium 5.9 5.9 debian debian sles 1mo ago An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray()
CVE-2026-33523 medium 6.5 6.5 FIX debian debian sleswindows windows apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-33007 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-33006 medium 4.8 4.8 FIX debian debian sleswindows windows apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-29169 high 7.5 7.5 FIX debian debian sleswindows windows apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-23918 high 8.8 9.8 EXPFIX debian debian sleswindows windows apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2025-70072 medium 6.5 6.5 debian debian sles 1mo ago An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial() components
CVE-2025-70070 medium 6.5 6.5 debian debian sles 1mo ago An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()
CVE-2026-34032 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-33857 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2025-70069 high 7.5 7.5 debian debian sles 1mo ago An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial() method
CVE-2025-70067 critical 9.8 9.8 debian debian sles 1mo ago Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file…
CVE-2026-34059 high 7.5 7.5 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-24072 high 8.8 8.8 FIX debian debian sleswindows windows apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-33846 high 7.5 7.5 FIX debian debian sleswindows windows 1mo ago GnuTLS vulnerabilities
CVE-2026-7737 high 7.5 7.5 FIX debian debianubuntu ubuntu osrg 1mo ago GoBGP vulnerabilities
CVE-2026-7736 high 7.5 7.5 FIX debian debianubuntu ubuntu osrg 1mo ago GoBGP vulnerabilities
CVE-2026-43864 low 2.5 2.5 slesdebian debian 1mo ago mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.
CVE-2026-43863 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.
CVE-2026-43862 low 3.7 3.7 slesdebian debian 1mo ago In mutt before 2.3.2, the imap_auth_gss security level is mishandled.
CVE-2026-43861 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 does not check for '\0' in url_pct_decode.
CVE-2026-43860 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest.
CVE-2026-43859 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest.
CVE-2026-7735 high 7.3 7.3 FIX debian debianubuntu ubuntu osrg 1mo ago GoBGP vulnerabilities
CVE-2026-7734 high 7.5 7.5 FIX debian debianubuntu ubuntu osrg 1mo ago GoBGP vulnerabilities
CVE-2026-43077 medium 5.5 5.5 FIX rhel sles rocky 1mo ago Linux kernel vulnerabilities
CVE-2026-42258 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via unvalidated Symbol inputs
CVE-2026-42257 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via "raw" arguments to multiple commands
CVE-2026-42256 medium 6.5 6.5 slesdebian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication
CVE-2026-42246 high 7.4 7.4 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to STARTTLS stripping via invalid response timing
CVE-2026-42245 high 7.5 7.5 slesdebian debian ruby-lang 1mo ago net-imap has quadratic complexity when reading response literals
CVE-2026-35414 high 8.0 FIX rhel slesdebian debian google 1mo ago OpenSSH vulnerabilities
CVE-2026-35388 high 8.0 FIX rhel slesdebian debian 1mo ago OpenSSH vulnerabilities
CVE-2026-35387 high 8.0 FIX rhel slesdebian debian 1mo ago OpenSSH vulnerabilities
CVE-2026-35386 high 8.0 FIX rhel slesdebian debian google 1mo ago OpenSSH vulnerabilities
CVE-2026-35385 high 8.0 FIX rhel slesdebian debian google 1mo ago OpenSSH vulnerabilities
CVE-2026-31431 high 7.8 10.0 KEVEXPFIX rhelarch arch sles redhatsusearista 1mo ago kmod update
CVE-2026-31402 critical 9.8 9.8 FIX rhel sles rocky 1mo ago Important: kernel security update
CVE-2026-24660 high 8.0 FIX debian debian sles rhel 1mo ago RHSA-2026:13284: LibRaw security update (Important)
CVE-2026-23270 high 7.8 7.8 FIX rhel sles rocky 1mo ago Important: kernel security update
CVE-2026-23136 high 8.0 FIX rhel slesdebian debian 1mo ago Linux kernel vulnerabilities
CVE-2026-20889 high 8.0 FIX debian debian sles rhel 1mo ago RHSA-2026:13284: LibRaw security update (Important)
CVE-2026-40561 medium 5.3 5.3 FIX debian debian kazuho 1mo ago Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head…
CVE-2026-6525 medium 5.5 5.5 FIX slesdebian debian wireshark 1mo ago IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4
CVE-2026-43058 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their…
CVE-2026-7598 high 7.3 7.3 FIX debian debian sleswindows windows libssh2 1mo ago libssh2 vulnerability
CVE-2026-37457 high 7.5 7.5 FIX debian debian sleswindows windows frrouting 1mo ago FRR vulnerabilities
CVE-2026-35233 medium 4.4 4.4 FIX debian debian 1mo ago An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link field. When root-level dtrace attaches to -- or instruments -- that process (via…
CVE-2026-21996 medium 5.5 5.5 FIX debian debian 1mo ago An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()
CVE-2026-42481 medium 5.5 5.5 debian debian opencascade 1mo ago Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bound…
CVE-2026-42480 medium 5.5 5.5 debian debian opencascade 1mo ago A stack-based out-of-bounds read vulnerability in VrmlData_Scene::ReadLine in the VRML parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 allows attackers to cause a denial of service via a crafted …
CVE-2026-43507 high 7.5 7.5 FIX debian debian prosody 1mo ago An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by XML parsing resource amplification from unauthen…
CVE-2026-43506 high 7.5 7.5 FIX debian debian prosody 1mo ago An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections.
CVE-2026-43505 medium 6.5 6.5 FIX debian debian prosody 1mo ago An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in the activation scenario, relayin…
CVE-2026-43504 medium 6.5 6.5 FIX debian debian prosody 1mo ago An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in a paused scenario, relaying of u…
CVE-2026-43057 high 7.5 7.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback NETIF_F_IPV6_CSUM only advertises support for checksum offload o…
CVE-2026-43056 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in add_adev() error path If auxiliary_device_add() fails, add_adev() jumps to add_fail and calls au…
CVE-2026-43055 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzalloc_flex for aio_cmd The target_core_file doesn't initialize the aio_cmd->iocb for the ki_write_strea…
CVE-2026-43054 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Drain commands in target_reset handler tcm_loop_target_reset() violates the SCSI EH contract: it returns …
CVE-2026-43053 medium 4.7 4.7 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfs_attr3_n…
CVE-2026-43052 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag in ieee80211_tdls_oper When NL80211_TDLS_ENABLE_LINK is called, the code only checks if the stati…
CVE-2026-43051 high 8.1 8.1 FIX sles rheldebian debian 1mo ago In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq The wacom_intuos_bt_irq() function processes Bluetooth HID reports with…
CVE-2026-43050 high 7.0 7.0 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sock_def_readable() A race condition exists between lec_atm_close() setting priv->lecd to NULL an…
CVE-2026-43049 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure Presently, if the force feedback initialisat…
CVE-2026-43048 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset() The memset() in hid_report_raw_event() has the good intention of cle…
CVE-2026-43047 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Check to ensure report responses match the request It is possible for a malicious (or clumsy) device to respond …
CVE-2026-43046 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with drop_progress and zero drop_level [BUG] When recovering relocation at mount time, merge_reloc_root(…
CVE-2026-43045 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshv_region_pin The current error handling has two issues: First, pin_user_pages_fast() can return a…
CVE-2026-43044 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed i…
CVE-2026-43043 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: af-alg - fix NULL pointer dereference in scatterwalk The AF_ALG interface fails to unmark the end of a Scatter/Gather Lis…
CVE-2026-43042 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platform_label{,s} pair The RCU-protected codepaths (mpls_forward, mpls_dump_routes) can have a…
CVE-2026-43041 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak __radix_tree_create() allocates and links intermediate …
CVE-2026-43040 high 7.1 7.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak When processing Router…
CVE-2026-43039 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emac_dispatch_skb_zc() allocates a new skb via n…
CVE-2026-43038 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the …
CVE-2026-43037 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following problem. ip4ip6_err() calls icmp_send() on a clon…
CVE-2026-43036 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: use skb_header_pointer() for TCPv4 GSO frag_off check Syzbot reported a KMSAN uninit-value warning in gso_features_check() c…
CVE-2026-43035 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak When building netlink messages…
CVE-2026-43034 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bnxt_en: set backing store type from query type bnxt_hwrm_func_backing_store_qcaps_v2() stores resp->type from the firmware respo…
CVE-2026-43033 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago Linux kernel vulnerabilities
CVE-2026-43032 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: NFC: pn533: bound the UART receive buffer pn532_receive_buf() appends every incoming byte to dev->recv_skb and only resets the bu…
CVE-2026-43031 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors (scatter-gath…
CVE-2026-43030 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe() for pointers to packet In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N regsafe() may retur…
CVE-2026-43029 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lockup in mptcp_recvmsg() syzbot reported a soft lockup in mptcp_recvmsg() [0]. When receiving data with MSG_PEE…