VIR Vulnerability Intelligence Relay

Search

Found 31,055 results in 3306ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-71285 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels MHI stack offers the 'auto_queue' feature, which allows the MHI s…
CVE-2025-71274 medium 4.7 4.7 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: rpmsg: core: fix race in driver_override_show() and use core helper The driver_override_show function reads the driver_override s…
CVE-2025-71273 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() Simplify the code by using device managed memory allocations. This a…
CVE-2025-71272 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in most_register_interface error paths The function most_register_interface() did not correctly rel…
CVE-2025-71271 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: hfsplus: ensure sb->s_fs_info is always cleaned up When hfsplus was converted to the new mount api a bug was introduced by changi…
CVE-2026-43119 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: annotate data-races around hdev->req_status __hci_cmd_sync_sk() sets hdev->req_status under hdev->req_lock: …
CVE-2026-43118 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name o…
CVE-2026-43117 critical 9.1 9.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() If overlay is used on top of btrfs, dentry->d_s…
CVE-2026-43115 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: srcu: Use irq_work to start GP in tiny SRCU Tiny SRCU's srcu_gp_start_if_needed() directly calls schedule_work(), which acquires …
CVE-2026-43114 critical 9.4 9.4 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching fun…
CVE-2026-43109 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstk_pop_sigframe() doesn't check for errors from mmap_…
CVE-2026-43108 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreg_loc_pfr_req_ei It looks element length declared in servreg_loc_pfr_req_ei for…
CVE-2026-43107 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMA_IF_ID in aevent size calculation xfrm_get_ae() allocates the reply skb with xfrm_aevent_msgsize(), then build…
CVE-2026-43105 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc() in vc4_save_h…
CVE-2026-43104 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4_save_hang_state() encounters an early return condition, it returns w…
CVE-2026-43103 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEV_PRE_TYPE_CHANGE lapbeth_data_transmit() expects the underlying device type to be ARPHRD_ETHER. Ret…
CVE-2026-43102 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airoha_qdma_rx_process() If an error occurs on the subsequents buffers belonging to the non-linea…
CVE-2026-43100 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bridge: guard local VLAN-0 FDB helpers against NULL vlan group When CONFIG_BRIDGE_VLAN_FILTERING is not set, br_vlan_group() and …
CVE-2026-43098 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82_uart_read() reports the number of accepted bytes to the serdev core…
CVE-2026-43096 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions …
CVE-2026-43095 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdca_irq_populate() from component probe using devm_request_thread…
CVE-2026-43094 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ixgbevf: add missing negotiate_features op to Hyper-V ops table Commit a7075f501bd3 ("ixgbevf: fix mailbox API compatibility by n…
CVE-2026-43092 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: xsk: validate MTU against usable frame size on bind AF_XDP bind currently accepts zero-copy pool configurations without verifying…
CVE-2026-43090 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrm_migrate_policy_find syzkaller reported a memory leak in xfrm_policy_alloc: BUG: memory leak …
CVE-2026-43089 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends u…
CVE-2026-43088 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: af_key: zero aligned sockaddr tail in PF_KEY exports PF_KEY export paths use `pfkey_sockaddr_size()` when reserving sockaddr…
CVE-2026-43087 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Disable all pin interrupts during probe A chip being probed may have the interrupt-on-change feature enabled o…
CVE-2026-43086 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ipvs: fix NULL deref in ip_vs_add_service error path When ip_vs_bind_scheduler() succeeds in ip_vs_add_service(), the local varia…
CVE-2026-43085 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator When batching multiple NFLOG messages (inst->qlen > 1), __…
CVE-2026-43083 critical 9.1 9.1 FIX slesdebian debianwindows windows 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace->type.bit6 is set: if (trace->type.bit6) { ... queue = skb_g…
CVE-2026-43082 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on property_entry Lists of struct property_entry are supposed to be terminated with …
CVE-2026-43081 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERIC_CMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downs…
CVE-2026-43080 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series [1]. The actual issue is an overflow of 16-bit …
CVE-2026-43079 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Skip discovery table for offline dies This warning can be triggered if NUMA is disabled and the system boo…
CVE-2025-43904 unknown FIX slesdebian debianubuntu ubuntu 1mo ago Slurm vulnerabilities
CVE-2023-49938 unknown FIX slesdebian debianubuntu ubuntu 1mo ago Slurm vulnerabilities
CVE-2023-49937 unknown FIX slesdebian debianubuntu ubuntu 1mo ago Slurm vulnerabilities
CVE-2023-49933 unknown FIX slesdebian debianubuntu ubuntu 1mo ago Slurm vulnerabilities
CVE-2023-41914 unknown FIX slesdebian debianubuntu ubuntu 1mo ago Slurm vulnerabilities
CVE-2026-44405 low 3.4 3.4 slesdebian debian 1mo ago Paramiko rsakey.py allows the SHA-1 algorithm
CVE-2026-5119 medium 5.9 5.9 FIX rheldebian debian sles gnome 1mo ago A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network…
CVE-2026-28780 critical 9.8 9.8 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-39402 medium 6.5 6.5 FIX debian debian linuxcontainers 1mo ago lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the find_line() function that allows an unprivileged user to delete OVS-attached network …
CVE-2026-35527 medium 5.0 5.0 FIX debian debian linuxcontainers 1mo ago Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request a…
CVE-2026-6907 medium 5.3 5.3 FIX slesdebian debianubuntu ubuntu djangoproject 1mo ago Django vulnerabilities
CVE-2026-35192 medium 6.5 6.5 FIX slesdebian debianubuntu ubuntu djangoproject 1mo ago Django vulnerabilities
CVE-2026-43002 medium 5.3 5.3 FIX debian debian 1mo ago OpenStack Horizon has Incorrect Behavior Order
CVE-2026-40934 medium 6.8 6.8 debian debian jupyter 1mo ago Jupyter Server's Authentication Cookies Remain Valid After Password Reset and Server Restart
CVE-2026-5766 medium 5.3 5.3 FIX slesdebian debianubuntu ubuntu djangoproject 1mo ago Django vulnerabilities
CVE-2026-43073 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named '__copy_user_nocache()' function This function was a masterclass in bad naming, for various his…
CVE-2026-43072 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platform_get_irq_byname() returns an int platform_get_irq_byname() will return a negative value if an error happens, so …
CVE-2026-43071 critical 9.1 9.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentry_hashtable when user sets 'dhash_entries=…
CVE-2026-43069 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_ll: Fix firmware leak on error path Smatch reports: drivers/bluetooth/hci_ll.c:587 download_firmware() warn: 'fw'…
CVE-2026-43068 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() There's issue as follows: ... EXT4-fs (mmcblk0p1): Dela…
CVE-2026-43067 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 ("ext4: always allocate blocks o…
CVE-2026-43066 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths During code review, Joseph found that ext4_fc_replay_inode() calls e…
CVE-2026-43065 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ext4: always drain queued discard work in ext4_mb_release() While reviewing recent ext4 patch[1], Sashiko raised the following co…
CVE-2026-43064 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release() The workqueue associated with an DSA/IAA device is not released when t…
CVE-2026-43061 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA `dmaengine_terminate_async` does not guarantee that the `__dma_tx_complete` callback…
CVE-2026-39103 medium 5.5 5.5 debian debian gpac 1mo ago Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svg_attributes.c, svg_parse_string…
CVE-2026-34956 medium 5.9 5.9 FIX slesdebian debianwindows windows 1mo ago A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with a…
CVE-2026-34002 medium 6.1 6.1 FIX sles rheldebian debian x.org 1mo ago A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit …
CVE-2025-61669 medium 6.1 6.1 debian debian jupyter 1mo ago Jupyter Server has an open redirection vulnerability in `next` query parameter
CVE-2026-43868 medium 5.3 5.3 FIX debian debianwindows windows apache 1mo ago Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability
CVE-2026-44029 medium 5.3 5.3 FIX slesdebian debian 1mo ago An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.…
CVE-2026-35536 medium 5.5 FIX rhel sles rocky 1mo ago Tornado vulnerabilities
CVE-2026-31958 medium 5.5 FIX rhel sles rocky 1mo ago Tornado vulnerabilities
CVE-2026-29111 medium 5.5 FIX rhel slesdebian debian 1mo ago Moderate: systemd security update
CVE-2026-42309 medium 5.5 5.5 FIX slesdebian debian python 1mo ago Pillow has a heap buffer overflow with nested list coordinates
CVE-2026-42146 medium 5.5 5.5 FIX debian debian 1mo ago CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it aga…
CVE-2026-42144 medium 6.1 6.1 FIX debian debian 1mo ago CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size computation inside _load_pnm() that can bypass the memory all…
CVE-2026-42027 critical 9.8 9.8 FIX debian debian apache 1mo ago Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description:  The ExtensionLoader.instantiateExtension(C…
CVE-2026-40682 critical 9.1 9.1 FIX debian debian apache 1mo ago XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor …
CVE-2026-37458 medium 6.5 6.5 FIX debian debian sleswindows windows frrouting 1mo ago FRR vulnerabilities
CVE-2025-70071 medium 5.9 5.9 debian debian sles 1mo ago An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray()
CVE-2026-33523 medium 6.5 6.5 FIX debian debian sleswindows windows apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-33007 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-33006 medium 4.8 4.8 FIX debian debian sleswindows windows apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2025-70072 medium 6.5 6.5 debian debian sles 1mo ago An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial() components
CVE-2025-70070 medium 6.5 6.5 debian debian sles 1mo ago An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()
CVE-2026-34032 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2026-33857 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Apache HTTP Server vulnerabilities
CVE-2025-70067 critical 9.8 9.8 debian debian sles 1mo ago Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file…
CVE-2026-43864 low 2.5 2.5 slesdebian debian 1mo ago mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.
CVE-2026-43863 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.
CVE-2026-43862 low 3.7 3.7 slesdebian debian 1mo ago In mutt before 2.3.2, the imap_auth_gss security level is mishandled.
CVE-2026-43861 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 does not check for '\0' in url_pct_decode.
CVE-2026-43860 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest.
CVE-2026-43859 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest.
CVE-2026-43077 medium 5.5 5.5 FIX rhel sles rocky 1mo ago Linux kernel vulnerabilities
CVE-2026-42258 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via unvalidated Symbol inputs
CVE-2026-42257 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via "raw" arguments to multiple commands
CVE-2026-42256 medium 6.5 6.5 slesdebian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication
CVE-2026-31402 critical 9.8 9.8 FIX rhel sles rocky 1mo ago Important: kernel security update
CVE-2026-40561 medium 5.3 5.3 FIX debian debian kazuho 1mo ago Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head…
CVE-2026-6525 medium 5.5 5.5 FIX slesdebian debian wireshark 1mo ago IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4
CVE-2026-43058 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their…
CVE-2026-35233 medium 4.4 4.4 FIX debian debian 1mo ago An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link field. When root-level dtrace attaches to -- or instruments -- that process (via…
CVE-2026-21996 medium 5.5 5.5 FIX debian debian 1mo ago An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab()
CVE-2026-42481 medium 5.5 5.5 debian debian opencascade 1mo ago Open CASCADE Technology (OCCT) V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bound…