VIR Vulnerability Intelligence Relay

Search

Found 5,149 results in 579ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-5024 medium 5.5 FIX rheldebian debian sles 11mo ago RHSA-2025:10742: gnome-remote-desktop security update (Moderate)
CVE-2025-48060 medium 5.5 FIX rhel rockydebian debian 11mo ago jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash hap…
CVE-2024-23337 medium 5.5 FIX rhel rocky sles 11mo ago jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denia…
CVE-2025-22004 medium 5.5 FIX rhel rocky sles 11mo ago In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a…
CVE-2025-21759 medium 5.5 FIX rhel rocky sles 11mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protect…
CVE-2024-54661 medium 5.5 FIX rhel rocky sles 11mo ago readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.
CVE-2025-5702 medium 5.5 FIX rheldebian debian sles 11mo ago Moderate: glibc security update
CVE-2023-52933 medium 5.5 FIX rhel slesdebian debian 11mo ago In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot [1] corrupted filesystem exposes two flaws in the handling…
CVE-2024-53064 medium 5.5 FIX rocky slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete…
CVE-2022-48919 medium 5.5 FIX rocky slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call dea…
CVE-2025-5455 medium 5.5 FIX rhel sles rocky 1y ago An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed…
CVE-2025-47268 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: iputils security update
CVE-2025-3576 medium 5.9 5.9 FIX rhel rockydebian debian 1y ago RHSA-2025:8411: krb5 security update (Moderate)
CVE-2025-25724 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: libarchive security update
CVE-2025-24495 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-20623 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-20012 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2024-45332 medium 5.5 FIX rhel rocky sles 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2024-43420 medium 5.5 FIX rhel rocky sles 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2024-28956 medium 5.5 FIX rhel rocky sles 1y ago Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information dis…
CVE-2025-3891 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:4597: mod_auth_openidc:2.3 security update (Moderate)
CVE-2025-37738 medium 5.5 FIX rhel rocky sles 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all' we should ignore xattrs entries past the 'end' entry. Th…
CVE-2025-23150 medium 5.5 FIX rhel rocky sles 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one error in do_split Syzkaller detected a use-after-free issue in ext4_insert_dentry that was caused by out-of-…
CVE-2025-22104 medium 5.5 FIX rhel sles rocky 1y ago In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte lo…
CVE-2025-21919 medium 5.5 FIX rhel rocky sles 1y ago In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list child_cfs_rq_on_list attempts to convert a 'prev' pointer to …
CVE-2025-21883 medium 5.5 FIX rhel sles rocky 1y ago In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees all VFs without r…
CVE-2022-49395 medium 5.5 FIX rocky slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes…
CVE-2025-4802 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:8686: glibc security update (Moderate)
CVE-2023-24824 medium 5.5 FIX rockydebian debian rhel 1y ago RHSA-2025:8427: pandoc security update (Moderate)
CVE-2020-16156 medium 5.5 FIX arch arch rocky sles 1y ago RHSA-2025:8432: perl-CPAN security update (Moderate)
CVE-2022-3424 medium 5.5 FIX rhel slesdebian debian 1y ago A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_ass…
CVE-2025-21964 medium 5.5 FIX rhel sles rocky 1y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended …
CVE-2025-47273 medium 5.5 FIX rhel rocky sles 1y ago RHSA-2025:14900: python39:3.9 security update (Moderate)
CVE-2025-4123 medium 6.1 7.1 EXPFIX rhel rocky sles grafana 1y ago RHSA-2025:7894: grafana security update (Important)
CVE-2025-31257 medium 4.7 4.7 FIX rhel rockyarch arch apple 1y ago This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously…
CVE-2022-4055 medium 5.5 rhel slesdebian debian 1y ago Moderate: xdg-utils security update
CVE-2025-27832 medium 5.5 FIX rheldebian debian sles 1y ago RHSA-2025:8421: ghostscript security update (Moderate)
CVE-2020-13790 medium 5.5 FIX rocky slesdebian debian 1y ago RHSA-2025:7540: libjpeg-turbo security update (Moderate)
CVE-2019-19012 medium 5.5 FIX rockydebian debian rhel 1y ago RHSA-2025:7539: ruby:2.5 security update (Moderate)
CVE-2025-71151 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3_reconfigure() In smb3_reconfigure(), if smb3_sync_session_ctx_passwords() fails, th…
CVE-2025-68179 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashe…
CVE-2025-31498 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:4461: nodejs:20 security update (Moderate)
CVE-2025-30472 medium 5.5 FIX rheldebian debian sles 1y ago Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.
CVE-2025-26465 medium 6.8 6.8 FIX rhel rocky sles openbsdnetappredhat 1y ago A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur…
CVE-2025-24528 medium 5.5 FIX rheldebian debian sles 1y ago RHSA-2025:2722: krb5 security update (Moderate)
CVE-2025-23419 medium 5.5 FIX rhel slesdebian debian 1y ago When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. Thi…
CVE-2025-22087 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with may_goto may_goto uses an additional 8 bytes on the stack, which causes the interpreters[] array…
CVE-2025-21888 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type DM (device memory) do not have an associated umem. …
CVE-2025-21694 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the numb…
CVE-2025-21689 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-ptr-deref in qt2_process_read_urb…
CVE-2025-21669 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we mu…
CVE-2025-21668 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition Currently imx8mp_blk_ctrl_remove() will continue the for loop until a…
CVE-2025-21666 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports have shown how we sometimes call vsock_*_has_data() w…
CVE-2025-21663 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SI…
CVE-2025-21646 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs …
CVE-2025-1272 medium 5.5 FIX rheldebian debian 1y ago The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensiti…
CVE-2025-0938 medium 5.5 FIX rocky rhel sles 1y ago The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only mean…
CVE-2025-0690 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: grub2 security update
CVE-2025-0677 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: grub2 security update
CVE-2025-0622 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: grub2 security update
CVE-2024-8418 medium 5.5 FIX debian debian rhel sles 1y ago A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open…
CVE-2024-58099 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo…
CVE-2024-58064 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dere…
CVE-2024-58009 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc A NULL sock pointer is passed into l2cap_sock_alloc() when it is c…
CVE-2024-58005 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: [ 10.693310][ T1] tpm_…
CVE-2024-57940 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus…
CVE-2024-57931 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling …
CVE-2024-57903 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back…
CVE-2024-57898 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first…
CVE-2024-57894 medium 5.5 rhel sles 1y ago RHSA-2025:6966: kernel security update (Moderate)
CVE-2024-57890 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that c…
CVE-2024-57888 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mar…
CVE-2024-57885 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee…
CVE-2024-57884 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() The task sometimes continues looping in …
CVE-2024-57879 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of iso_listen_bis Since hci_get_route holds the device before returning, the hdev …
CVE-2024-57852 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") m…
CVE-2024-57843 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnet_rq_alloc When the frag just got a page, then may lead to regression on VM. Specially if t…
CVE-2024-57809 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, …
CVE-2024-57798 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one …
CVE-2024-56827 medium 5.5 FIX rhel slesdebian debian 1y ago Moderate: openjpeg2 security update
CVE-2024-56826 medium 5.5 FIX rhel slesdebian debian 1y ago Moderate: openjpeg2 security update
CVE-2024-56783 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup …
CVE-2024-56779 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_ta…
CVE-2024-56760 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo…
CVE-2024-56757 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data t…
CVE-2024-56729 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cache…
CVE-2024-56693 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: brd: defer automatic disk creation until module initialization succeeds My colleague Wupeng found the following problems during f…
CVE-2024-56688 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport Since transport->sock has been set to NULL during reset transport, XPRT_…
CVE-2024-56667 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine When the intel_context structure contains NULL, it raises a NULL pointer…
CVE-2024-56664 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close() Element replace (with a socket different from the one stored) may race…
CVE-2024-56663 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one Since the netlink attribute range validation provides inclusive checking, …
CVE-2024-56654 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating The usage of rcu_read_(un)lock while inside list_for_each_entry…
CVE-2024-56653 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtk_process_coredump hci_devcd_append may lead to the release of the skb, so it cannot be access…
CVE-2024-56647 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering ip_rt_bug arp link failure may trigger ip_rt_bug while xfrm enabled, call trace is: WARNI…
CVE-2024-56644 medium 5.5 FIX rhel rocky sles 1y ago In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in ip6_negative_advice() when this function is ex…
CVE-2024-56642 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanu…
CVE-2024-56623 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload System crash is observed with stack trace warning of use after free. There are 2 sign…
CVE-2024-56616 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 b…
CVE-2024-56614 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements Jordy says: " In the xsk_map_delete_elem function an unsigned integer (map->max_e…
CVE-2024-56611 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM We currently assume that there is at least one VMA…