VIR Vulnerability Intelligence Relay

Search

Found 9,809 results in 1864ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-40915 high 7.8 7.8 FIX debian debian rhel gimp 2mo ago A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-…
CVE-2026-33412 high 8.0 FIX rocky rhel sles 2mo ago Important: vim security update
CVE-2026-28421 medium 5.3 5.3 FIX rocky rhel sles 2mo ago Important: vim security update
CVE-2026-28417 medium 4.4 4.4 FIX rocky rhel sles 2mo ago Important: vim security update
CVE-2026-5734 high 8.0 FIX rhelalmalinux almalinuxdebian debian 2mo ago Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with e…
CVE-2026-5732 high 8.0 FIX rhelalmalinux almalinuxdebian debian 2mo ago Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1.
CVE-2026-5731 high 8.0 FIX rhelalmalinux almalinuxdebian debian 2mo ago Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and …
CVE-2026-1519 high 7.5 7.5 FIX rheldebian debian sles isc 2mo ago Important: bind security update
CVE-2006-10003 high 8.0 FIX sles rheldebian debian 2mo ago RHSA-2026:7681: perl-XML-Parser security update (Important)
CVE-2006-10002 high 8.0 FIX sles rheldebian debian 2mo ago RHSA-2026:7681: perl-XML-Parser security update (Important)
CVE-2026-4878 high 7.0 7.0 FIX rheldebian debian sles libcap_projectredhatgoogle 2mo ago A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to…
CVE-2026-27904 high 8.0 FIX rocky rhel sles 2mo ago RHSA-2026:8339: nodejs:20 security update (Important)
CVE-2026-27135 high 7.5 7.5 FIX rocky rhel sles nghttp2google 2mo ago RHSA-2026:8339: nodejs:20 security update (Important)
CVE-2026-26996 high 8.0 FIX rocky rhel sles 2mo ago RHSA-2026:8339: nodejs:20 security update (Important)
CVE-2026-2581 high 8.0 FIX rheldebian debianalmalinux almalinux 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-25547 high 8.0 FIX rocky rhel sles 2mo ago RHSA-2026:7123: nodejs:22 security update (Important)
CVE-2026-2229 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21717 medium 5.9 5.9 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21716 high 8.0 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21715 high 8.0 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21714 high 8.0 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21713 medium 5.9 5.9 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21712 medium 5.7 5.7 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21711 high 8.0 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21710 high 8.0 FIX rocky rhel sles 2mo ago RHSA-2026:8339: nodejs:20 security update (Important)
CVE-2026-1528 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-1527 high 8.0 FIX rheldebian debianalmalinux almalinux 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-1526 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-1525 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-34588 high 8.0 FIX rhel slesdebian debian 2mo ago Important: openexr security update
CVE-2026-28390 high 7.5 7.5 FIX slesdebian debian rhel opensslgoogle 2mo ago Moderate: compat-openssl11 security update
CVE-2026-5745 medium 5.5 5.5 debian debian sles rhel libarchiveredhat 2mo ago A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL …
CVE-2026-32647 high 8.0 FIX rhelalmalinux almalinux rocky 2mo ago RHSA-2026:6907: nginx:1.24 security update (Important)
CVE-2026-27784 high 8.0 FIX rhelalmalinux almalinux rocky 2mo ago RHSA-2026:6907: nginx:1.24 security update (Important)
CVE-2026-27654 high 8.0 FIX rhel rocky sles 2mo ago RHSA-2026:6907: nginx:1.24 security update (Important)
CVE-2026-27651 high 8.0 FIX rhel rocky sles 2mo ago RHSA-2026:6907: nginx:1.24 security update (Important)
CVE-2026-5673 high 7.1 7.1 debian debian sles rhel xiph 2mo ago A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local att…
CVE-2026-31408 high 8.8 8.8 FIX sles rheldebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold sco_recv_frame() reads conn->sk under sco_conn_lo…
CVE-2026-23231 high 7.8 8.8 EXPFIX rhel slesdebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via li…
CVE-2026-23210 medium 5.5 FIX rhel slesdebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebui…
CVE-2026-23111 high 7.8 7.8 FIX rhel slesdebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted eleme…
CVE-2025-71238 medium 5.5 FIX slesdebian debian rocky 2mo ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free Kernel panic observed on system, [5353358.825191] BUG: unable to handle page f…
CVE-2025-38109 medium 5.5 FIX rhel slesdebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (…
CVE-2025-15270 high 8.0 FIX rheldebian debian sles 2mo ago Important: fontforge security update
CVE-2026-2625 medium 5.5 5.5 FIX rheldebian debian redhatsequoia-pgp 2mo ago A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager (RPM) file. During the RPM signature verification process, th…
CVE-2026-4177 high 8.0 FIX debian debian rocky rhel 2mo ago RHSA-2026:6470: perl-YAML-Syck security update (Important)
CVE-2026-3497 high 7.5 7.5 FIX rocky rhel sles canonicalopenbsd 2mo ago Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH u…
CVE-2026-31806 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-24684 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-24683 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-24681 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-24679 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-24676 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-24675 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-24491 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-23948 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-23732 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-22856 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-22854 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2026-22852 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6918: freerdp security update (Important)
CVE-2025-10158 medium 5.5 FIX rocky rhel sles 2mo ago RHSA-2026:6436: rsync security update (Moderate)
CVE-2026-33526 high 8.0 FIX rhel rocky sles 2mo ago RHSA-2026:8317: squid:4 security update (Important)
CVE-2026-32748 high 8.0 FIX rhel rocky sles 2mo ago RHSA-2026:8317: squid:4 security update (Important)
CVE-2023-40403 medium 5.5 FIX rhel rocky sles 2mo ago RHSA-2025:8676: libxslt security update (Moderate)
CVE-2026-5165 high 7.8 7.8 rhel redhat 2mo ago A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. …
CVE-2026-5164 medium 5.5 5.5 rhel redhat 2mo ago A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input val…
CVE-2026-4371 high 8.0 FIX rhel rocky sles 2mo ago RHSA-2026:6917: thunderbird security update (Important)
CVE-2026-3889 high 8.0 FIX rhel rocky sles 2mo ago RHSA-2026:6917: thunderbird security update (Important)
CVE-2026-26965 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6005: freerdp security update (Important)
CVE-2026-26955 high 8.0 FIX rocky rheldebian debian 2mo ago RHSA-2026:6005: freerdp security update (Important)
CVE-2026-23209 medium 5.5 FIX rocky rhel sles 2mo ago In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type vet…
CVE-2026-23193 medium 5.5 FIX rhel sles rocky 2mo ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function cal…
CVE-2026-23191 high 8.0 FIX rhel sles rocky 2mo ago In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the st…
CVE-2026-23171 high 7.8 7.8 FIX rhel sles rocky google 2mo ago In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failur…
CVE-2026-23144 medium 5.5 FIX rhel sles rocky 2mo ago In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after set…
CVE-2025-40096 high 8.0 FIX rocky rhel sles 2mo ago In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies When adding dependencies with drm_sched_job_add_depen…
CVE-2025-38180 medium 5.5 FIX rocky rhel sles 2mo ago In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_p…
CVE-2026-4948 medium 5.5 5.5 FIX debian debian sles rhel firewalld 2mo ago A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-au…
CVE-2026-2100 medium 5.3 5.3 FIX rhel slesdebian debian p11-kit_projectredhat 2mo ago A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters se…
CVE-2026-4721 high 8.0 FIX rocky rheldebian debian 2mo ago Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume tha…
CVE-2026-4720 high 8.0 FIX rocky rheldebian debian 2mo ago Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort…
CVE-2026-4719 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4718 high 8.0 FIX rocky rheldebian debian 2mo ago Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4717 high 8.0 FIX rocky rheldebian debian 2mo ago Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4716 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4715 high 8.0 FIX rocky rheldebian debian 2mo ago Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4714 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4713 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4712 high 8.0 FIX rocky rheldebian debian 2mo ago Information disclosure in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4711 high 8.0 FIX rocky rheldebian debian 2mo ago Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4710 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4709 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4708 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4707 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4706 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4705 high 8.0 FIX rocky rheldebian debian 2mo ago Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4704 high 8.0 FIX rocky rheldebian debian 2mo ago Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4702 high 8.0 FIX rocky rheldebian debian 2mo ago JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4701 high 8.0 FIX rocky rheldebian debian 2mo ago Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4700 high 8.0 FIX rocky rheldebian debian 2mo ago Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.