VIR Vulnerability Intelligence Relay

Search

Found 26,504 results in 1579ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-47165 medium 5.5 FIX debian debian 13d ago ImageMagick: Information Disclosure in distributed pixel cache server because it is not using a challenge–response authentication model
CVE-2026-46693 medium 5.5 FIX debian debian 13d ago ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking
CVE-2026-46692 medium 5.5 FIX debian debian 13d ago ImageMagick: Heap Buffer Over-Write in distributed pixel cache server
CVE-2026-46598 medium 5.3 5.3 FIX debian debian sleswindows windows golang 13d ago For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used.
CVE-2026-39835 medium 5.3 5.3 FIX debian debian sleswindows windows golang 13d ago SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an…
CVE-2026-39828 medium 6.3 6.3 FIX debian debian sleswindows windows golang 13d ago When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as forc…
CVE-2026-39827 medium 6.5 6.5 FIX debian debian sleswindows windows golang 13d ago An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users.…
CVE-2026-5091 medium 5.1 5.1 FIX debian debian 14d ago Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess…
CVE-2026-6841 medium 6.1 6.1 FIX debian debian bestpractical 14d ago Request Tracker is vulnerable to a reflected cross-site scripting (XSS) vulnerability via the "Page" parameter in GET requests. An attacker can craft a URL that, when opened, results in arbitrary Jav…
CVE-2026-43496 unknown FIX slesdebian debianwindows windows 14d ago In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked When red qdisc has children (eg qfq qdisc) who…
CVE-2026-42396 medium 6.5 6.5 FIX debian debian powerdns 14d ago Insufficient Validation of Member Zone Data May Cause Catalog Zone Transfer to Fail
CVE-2026-41999 medium 4.8 4.8 FIX debian debian powerdns 14d ago Incorrect Behaviour of Views with TCP PROXY Requests
CVE-2026-44076 medium 6.7 6.7 FIX slesdebian debian 14d ago Insufficient sanitization of volume paths in Netatalk 3.1.0 through 4.4.2 allows a local privileged user to inject OS commands and execute arbitrary code via a crafted volume path.
CVE-2026-44073 medium 5.0 5.0 FIX slesdebian debian 14d ago Authentication modules in Netatalk 1.5.0 through 4.4.2 fail to check the return value of seteuid(), which may allow a remote authenticated attacker to retain elevated privileges under error condition…
CVE-2026-44067 medium 4.2 4.2 FIX slesdebian debian 14d ago A heap over-read in extended attribute (EA) header parsing in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to obtain limited information or cause a minor service disruption via…
CVE-2026-44065 medium 4.2 4.2 FIX slesdebian debian 14d ago An off-by-two error in lp_write() in papd in Netatalk 2.0.0 through 4.4.2 allows an adjacent network attacker to modify limited data or cause a minor service disruption via crafted print data.
CVE-2026-44063 medium 4.2 4.2 FIX slesdebian debian 14d ago An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and obtain limited information or modify LDAP entries via crafted fil…
CVE-2026-44061 medium 5.9 5.9 FIX slesdebian debian 14d ago Netatalk 1.5.0 through 4.4.2 uses DES-ECB for authentication with a timing side channel, which allows a remote attacker to recover authentication credentials via timing analysis.
CVE-2026-44059 medium 4.5 4.5 FIX slesdebian debian 14d ago A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption.
CVE-2026-44056 medium 6.4 6.4 FIX slesdebian debian 14d ago A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data.
CVE-2026-44054 medium 6.5 6.5 FIX slesdebian debian 14d ago Netatalk 2.0.0 through 4.4.2 generates AFP session tokens derived from predictable process IDs, which allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect m…
CVE-2026-9149 medium 6.5 6.5 FIX debian debian sleswindows windows opensuseredhat 15d ago A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. T…
CVE-2026-9150 medium 6.5 6.5 FIX debian debian sleswindows windows opensuseredhat 15d ago A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could …
CVE-2026-9124 medium 5.3 5.3 FIX debian debianmacos macos linux-kernel google 15d ago Insufficient validation of untrusted input in Input in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craf…
CVE-2026-9122 medium 6.5 6.5 FIX debian debianmacos macoswindows windows google 15d ago Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium …
CVE-2026-9116 medium 4.3 4.3 FIX debian debianmacos macos linux-kernel google 15d ago Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: …
CVE-2026-9115 medium 4.3 4.3 FIX debian debianmacos macos linux-kernel google 15d ago Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severi…
CVE-2026-9113 medium 4.3 4.3 FIX debian debianmacos macos linux-kernel google 15d ago Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9110 medium 4.2 4.2 FIX debian debianmacos macos linux-kernel google 15d ago Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML pag…
CVE-2026-9100 medium 5.9 5.9 FIX slesdebian debian 15d ago The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents in a GridFS collection may cause any application that reads t…
CVE-2026-5950 medium 5.3 5.3 FIX debian debian sleswindows windows isc 15d ago An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sendin…
CVE-2026-5947 medium 5.9 5.9 FIX debian debian sleswindows windows isc 15d ago Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. …
CVE-2026-3592 medium 5.3 5.3 FIX debian debian sleswindows windows isc 15d ago BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resou…
CVE-2026-44608 medium 5.9 5.9 FIX slesdebian debianwindows windows nlnetlabs 15d ago NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met (multi-threaded, RPZ XFR reload, RPZ zone with 'rpz-nsip'/'…
CVE-2026-44390 medium 5.3 5.3 FIX slesdebian debianwindows windows nlnetlabs 15d ago NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses…
CVE-2026-42923 medium 5.3 5.3 FIX slesdebian debianwindows windows nlnetlabs 15d ago NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit…
CVE-2026-42534 medium 5.3 5.3 FIX slesdebian debianwindows windows nlnetlabs 15d ago NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could ren…
CVE-2026-32792 medium 5.3 5.3 FIX slesdebian debianwindows windows nlnetlabs 15d ago NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbou…
CVE-2026-47732 unknown FIX debian debian 15d ago Sandbox: multiple `__toString()` policy bypasses via unguarded string coercion points
CVE-2026-47730 unknown FIX debian debian 15d ago XSS in profiler HtmlDumper via unescaped template and profile names
CVE-2026-47212 unknown FIX debian debian 15d ago Symfony: Twilio SMS Notifier allows unauthenticated webhook injection due to missing X-Twilio-Signature verification
CVE-2026-46638 medium 5.5 FIX debian debian 15d ago Twig: `{% sandbox %}{% include %}` skips checkSecurity() on cached templates (incomplete fix for CVE-2024-45411)
CVE-2026-46634 medium 5.5 FIX debian debian 15d ago Twig: `template_from_string()` escapes a SourcePolicy-driven sandbox via synthesized template name
CVE-2026-46627 unknown FIX debian debian 15d ago Sandbox does not protect against resource exhaustion
CVE-2026-46626 unknown FIX debian debian 15d ago CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch
CVE-2026-45756 unknown FIX debian debian 15d ago Symfony's JsonPath Evaluates Attacker-Controlled Regular Expressions in match()/search() Without Limits — ReDoS
CVE-2026-45755 unknown FIX debian debian 15d ago Symfony's Mailtrap Mailer Webhook Parser Never Verifies the X-Mt-Signature HMAC — Unauthenticated Webhook Event Injection
CVE-2026-45754 unknown FIX debian debian 15d ago Symfony's Mailjet Mailer Webhook Parser Never Verifies the Configured Secret — Unauthenticated Webhook Event Injection
CVE-2026-45753 unknown FIX debian debian 15d ago Symfony's HtmlSanitizer UrlAttributeSanitizer Omits action/formaction/poster/cite — `javascript`: URI Survives Sanitization (XSS)
CVE-2026-45075 medium 5.5 FIX debian debian 15d ago Synfony's HEAD Request Bypasses methods: ['GET'] Filter in #[IsGranted] / #[IsSignatureValid] / #[IsCsrfTokenValid]
CVE-2026-45074 medium 5.5 FIX debian debian 15d ago Symfony's Cas2Handler Derives CAS service URL from Client Host Header → Cross-Service Ticket Replay
CVE-2026-45073 medium 5.5 FIX debian debian 15d ago Symfony Vulnerable to SQL Injection in PdoAdapter::doClear() via Unsanitized $prefix
CVE-2026-45070 medium 5.5 FIX debian debian 15d ago Symfony has Email Header Injection via Non-Token Characters in Mime Parameter Names
CVE-2026-45069 medium 5.5 FIX debian debian 15d ago Symfony's OidcTokenHandler Accepts JWTs Missing aud/iss/exp Claims
CVE-2026-45068 medium 5.5 FIX debian debian 15d ago Symfony has an Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address
CVE-2026-45066 medium 5.5 FIX debian debian 15d ago Symfony has an HtmlSanitizer allowLinkHosts() / allowMediaHosts() Bypass via URL-Parser Differentials and <area> Misclassification
CVE-2026-45065 medium 5.5 FIX debian debian 15d ago Symfony has a UrlGenerator Route-Requirement Bypass via Unanchored Regex Alternation → Off-Site //host URL Injection
CVE-2026-45064 medium 5.5 FIX debian debian 15d ago Symfony's HtmlSanitizer URL Attributes Pass Through BiDi Override Characters → Visual href Spoofing
CVE-2026-43620 medium 5.5 5.5 FIX slesdebian debianwindows windows samba 16d ago Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash the rsync client process. Atta…
CVE-2026-43619 medium 6.3 6.3 FIX slesdebian debianwindows windows samba 16d ago Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat …
CVE-2026-43617 medium 4.8 4.8 FIX slesdebian debianwindows windows samba 16d ago Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass host…
CVE-2026-43163 medium 4.7 4.7 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: md/bitmap: fix GPF in write_page caused by resize race A General Protection Fault occurs in write_page() during array resize: RIP…
CVE-2026-5090 medium 6.1 6.1 FIX debian debian 16d ago Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The html_filter function did not escape single quotes. HTML attributes inside of single quotes could…
CVE-2026-32814 medium 6.5 6.5 debian debian sles 16d ago libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strict_decoding=false (the default), a corrupted tile silently fails to …
CVE-2026-32739 medium 6.5 6.5 debian debian sles struktur 16d ago libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Box_stts::get_sample_duration(), consuming 1…
CVE-2026-32738 medium 6.5 6.5 debian debian sles struktur 16d ago libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the stsc box causes an unsigned integer und…
CVE-2026-48019 unknown debian debian 16d ago Laravel CRLF injection in default email rule
CVE-2026-8971 medium 6.5 6.5 FIX debian debian sles mozilla 16d ago Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVE-2026-8951 medium 6.5 6.5 FIX debian debian sles mozilla 16d ago Spoofing issue in the Toolbar component in Firefox for Android. This vulnerability was fixed in Firefox 151.
CVE-2026-23557 medium 6.5 6.5 slesdebian debian 16d ago Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering. In case xenstored was built with NDEBUG #defined nothing bad will hap…
CVE-2026-43492 unknown FIX slesdebian debianwindows windows 16d ago In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() Yiming reports an integer underflow in mpi_read_raw_from_sgl() …
CVE-2026-43491 unknown FIX slesdebian debianwindows windows 16d ago In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added …
CVE-2026-4893 medium 5.3 5.3 FIX rheldebian debian sles 17d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4891 medium 5.3 5.3 FIX rheldebian debian sles 17d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-40356 medium 5.9 5.9 FIX rheldebian debian sles 17d ago RHSA-2026:16799: krb5 security update (Important)
CVE-2026-40355 medium 5.9 5.9 FIX rheldebian debian sles 17d ago RHSA-2026:16799: krb5 security update (Important)
CVE-2026-32710 medium 5.5 FIX rhel slesdebian debian 17d ago MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Un…
CVE-2026-31677 medium 5.5 5.5 FIX rhel slesdebian debian google 17d ago In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - limit RX SG extraction by receive buffer budget Make af_alg_get_rsgl() limit each RX scatterlist extraction to t…
CVE-2026-30892 medium 5.5 FIX rheldebian debian rocky 17d ago Moderate: crun security update
CVE-2026-23868 medium 5.1 5.1 FIX rheldebian debian sles giflib_project 17d ago Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult b…
CVE-2026-23040 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 an…
CVE-2026-0967 medium 5.5 5.5 FIX rheldebian debian sles libssh 17d ago Moderate: libssh security update
CVE-2026-0964 medium 6.3 6.3 FIX rheldebian debian sles libsshredhat 17d ago Moderate: libssh security update
CVE-2026-0865 medium 5.5 FIX rocky rheldebian debian 17d ago User-controlled header names and values containing newlines can allow injecting HTTP headers.
CVE-2025-8114 medium 4.7 4.7 FIX rheldebian debian sles libssh 17d ago Moderate: libssh security update
CVE-2025-5351 medium 6.5 6.5 FIX rheldebian debian sles libsshredhat 17d ago Moderate: libssh security update
CVE-2025-4877 medium 4.5 4.5 FIX rheldebian debian sles 17d ago Moderate: libssh security update
CVE-2025-40134 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in __dm_suspend() There is a race condition between dm device suspend and table load that can le…
CVE-2025-38470 medium 5.5 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on…
CVE-2025-38441 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() syzbot found a potential access to uninit-value in nf_…
CVE-2025-38405 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128…
CVE-2025-38400 medium 5.5 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. syzbot reported a warning below [1] following a fault injectio…
CVE-2025-38279 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following w…
CVE-2025-38166 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:…
CVE-2025-38097 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to referen…
CVE-2025-38015 medium 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix memory leak in error handling path of idxd_alloc Memory allocated for idxd is not freed if an error occurs d…
CVE-2025-37980 medium 5.5 FIX rhel slesdebian debian google 17d ago In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is succe…
CVE-2025-22105 medium 5.5 5.5 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning[1]: ip netns add ns1 ip netns exec…
CVE-2025-13465 medium 5.3 5.3 FIX rhel sles rocky lodash 17d ago Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global pr…
CVE-2025-12748 medium 5.5 5.5 FIX rhel slesdebian debian 17d ago Moderate: libvirt security update