VIR Vulnerability Intelligence Relay

Search

Found 2,374 results in 718ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-31777 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daio_device_index(),…
CVE-2026-31771 high 8.1 8.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: move wake reason storage into validated event handlers hci_store_wake_reason() is called from hci_event_pac…
CVE-2026-31769 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpib_descriptor pointer aft…
CVE-2026-31767 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the…
CVE-2026-31729 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: validate connector number in ucsi_notify_common() The connector number extracted from CCI via UCSI_CCI_CONNECTO…
CVE-2026-31725 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ecm: Fix net_device lifecycle with device_move The net_device is allocated during function instance creation and r…
CVE-2026-31724 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_eem: Fix net_device lifecycle with device_move The net_device is allocated during function instance creation and r…
CVE-2026-31723 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_subset: Fix net_device lifecycle with device_move The net_device is allocated during function instance creation an…
CVE-2026-31722 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_rndis: Fix net_device lifecycle with device_move The net_device is allocated during function instance creation and…
CVE-2026-31721 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_hid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bi…
CVE-2026-31717 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate owner of durable handle on reconnect Currently, ksmbd does not verify if the user attempting to reconnect to a du…
CVE-2026-31715 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io() The xfstests case "generic/107" and syzbot have both …
CVE-2026-31712 high 8.3 8.3 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smb_check_perm_dacl() Both ACE-walk loops in smb_check_perm_dacl() only guard against an under…
CVE-2026-31711 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: server: fix active_num_conn leak on transport allocation failure Commit 77ffbcac4e56 ("smb: server: fix leak of active_num_c…
CVE-2026-31709 high 8.8 8.8 FIX sles rheldebian debian google 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl build_sec_desc() and id_mode_to_cifs_acl() derive a DACL poin…
CVE-2026-31708 high 8.1 8.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path smb2_ioctl_query_info() has two response-copy branches: PASSTH…
CVE-2026-31707 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipc_validate_msg() ipc_validate_msg() computes the expected message size for each response type…
CVE-2026-31706 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl() smb_inherit_dacl() trusts the on-disk num_aces value from the …
CVE-2026-31704 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: use check_add_overflow() to prevent u16 DACL size overflow set_posix_acl_entries_dacl() and set_ntacl_dacl() accumulate AC…
CVE-2026-31702 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io() In f2fs_compress_write_end_io(), dec_page_count(sbi, type) can br…
CVE-2026-31700 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() In tpacket_snd(), when PACKET_VNET_HDR is enabled, vnet_hdr point…
CVE-2026-31699 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the …
CVE-2026-31698 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to cop…
CVE-2026-31697 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to cop…
CVE-2026-31696 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpc_preparse(), there are two paths for parsing key…
CVE-2026-31694 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-control…
CVE-2026-33116 high 7.5 7.5 rhel linux-kernelmacos macos microsoft 2mo ago Important: .NET 8.0 security update
CVE-2026-32226 medium 5.9 5.9 windows windows microsoft 2mo ago Concurrent execution using shared resource with improper synchronization ('race condition') in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-32223 medium 6.8 6.8 FIX windows windows 2mo ago Heap-based buffer overflow in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.
CVE-2026-32202 medium 4.3 6.8 KEVEXPFIX windows windows 2mo ago Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-32181 medium 5.5 5.5 FIX windows windows 2mo ago Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
CVE-2026-32157 high 8.8 8.8 FIX windows windows microsoft 2mo ago Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVE-2026-32154 high 7.8 7.8 FIX windows windows 2mo ago Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32152 high 7.8 7.8 FIX windows windows 2mo ago Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
CVE-2026-32077 high 7.8 7.8 FIX windows windows 2mo ago Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.
CVE-2026-26151 high 7.1 7.1 FIX windows windows 2mo ago Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-23666 high 7.5 7.5 windows windows microsoft 2mo ago Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network.
CVE-2026-26128 high 7.8 7.8 FIX windows windows 3mo ago Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
CVE-2026-25187 high 7.8 7.8 FIX windows windows 3mo ago Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
CVE-2026-25180 medium 5.5 5.5 FIX windows windows microsoft 3mo ago Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
CVE-2026-24285 high 7.0 7.0 FIX windows windows microsoft 3mo ago Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2026-20931 high 8.0 8.0 FIX windows windows 5mo ago External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2026-20921 high 7.5 7.5 FIX windows windows 5mo ago Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-20864 high 7.8 7.8 FIX windows windows 5mo ago Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
CVE-2026-20817 high 7.8 7.8 FIX windows windows 5mo ago Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
CVE-2025-53799 medium 5.5 5.5 FIX windows windows microsoft 9mo ago Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
CVE-2025-30388 high 7.8 7.8 FIX windows windows microsoft 1y ago Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
CVE-2025-26687 high 7.5 7.5 FIX windows windows microsoft 1y ago Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-21338 high 7.8 7.8 FIX windows windows microsoft 1y ago GDI+ Remote Code Execution Vulnerability
CVE-2024-38250 high 7.8 7.8 FIX windows windows microsoft 2y ago Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2023-44487 high 7.5 10.0 KEVEXPFIX rocky rheldebian debian siemensietfnghttp2 3y ago Moderate: nginx:1.22 security update
CVE-2023-29335 high 7.5 7.5 windows windows microsoft 3y ago Microsoft Word Security Feature Bypass Vulnerability
CVE-2022-44702 high 7.8 7.8 windows windows microsoft 4y ago Windows Terminal Remote Code Execution Vulnerability
CVE-2022-26934 medium 6.5 6.5 windows windows microsoft 4y ago Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-26926 high 7.8 7.8 windows windows 4y ago Windows Address Book Remote Code Execution Vulnerability
CVE-2022-26826 high 7.2 7.2 windows windows 4y ago Windows DNS Server Remote Code Execution Vulnerability
CVE-2022-26795 high 7.8 7.8 windows windows 4y ago Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-17103 high 7.0 7.0 windows windows 6y ago Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2020-1574 medium 5.5 5.5 windows windows 6y ago A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitra…
CVE-2018-3639 medium 5.5 6.5 EXPFIX slesdebian debian rhel intelarmredhat 8y ago Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of i…
CVE-2017-11305 medium 6.5 6.5 linux-kernel rhelwindows windows adobe 9y ago A regression affecting Adobe Flash Player version 27.0.0.187 (and earlier versions) causes the unintended reset of the global settings preference file when a user clears browser data.
CVE-2017-11930 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows …
CVE-2017-11927 medium 6.5 6.5 windows windows 9y ago Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709…
CVE-2017-11919 medium 5.3 5.3 windows windows microsoft 9y ago ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, Windows …
CVE-2017-11918 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine …
CVE-2017-11914 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore vulnerable to privilege escalation due to exposure from scriptFunction
CVE-2017-11913 high 7.5 7.5 windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2…
CVE-2017-11912 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in W…
CVE-2017-11911 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore RCE Vulnerability
CVE-2017-11910 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore vulnerable to remote code execution due to insufficient InlineCache check
CVE-2017-11909 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore vulnerable to remote code execution
CVE-2017-11908 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore RCE Vulnerability
CVE-2017-11907 high 7.5 8.5 EXP windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2…
CVE-2017-11906 medium 5.3 6.3 EXP windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Serv…
CVE-2017-11905 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore RCE Vulnerability
CVE-2017-11903 high 7.5 8.5 EXP windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2…
CVE-2017-11901 high 7.5 7.5 windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 …
CVE-2017-11895 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Internet Explorer and Microsoft Edge in Windows 1…
CVE-2017-11894 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and and Internet Explorer adn Microsoft Edge …
CVE-2017-11893 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore vulnerable to remote code execution
CVE-2017-11890 high 7.5 8.5 EXP windows windows microsoft 9y ago Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow an attacker…
CVE-2017-11889 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore RCE Vulnerability
CVE-2017-11888 high 7.5 7.5 windows windows microsoft 9y ago Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge…
CVE-2017-11887 medium 5.3 5.3 windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows …
CVE-2017-11886 high 7.5 7.5 windows windows microsoft 9y ago Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow an attacker…
CVE-2017-11885 medium 6.6 7.6 EXP windows windows 9y ago Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709…
CVE-2017-11940 high 7.8 7.8 windows windows microsoft 9y ago The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Se…
CVE-2017-11937 high 7.8 7.8 windows windows microsoft 9y ago The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Se…
CVE-2017-11880 medium 4.7 4.7 windows windows 9y ago Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attac…
CVE-2017-11873 high 7.5 8.5 EXP windows windows microsoft 9y ago ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to ho…
CVE-2017-11872 medium 6.5 6.5 windows windows microsoft 9y ago Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise be restricted to a destination website of the atta…
CVE-2017-11871 high 7.5 7.5 windows windows microsoft 9y ago Chakra Core vulnerable to privilege escalation due to reading an invalid pointer
CVE-2017-11870 high 7.5 8.5 EXP windows windows microsoft 9y ago Chakra Core vulnerable to privilege escalation when writing to JavaScript null scope objects
CVE-2017-11869 high 7.5 7.5 windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 …
CVE-2017-11866 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due…
CVE-2017-11863 medium 6.1 6.1 windows windows microsoft 9y ago Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to trick a user into loading a page containing malicious c…
CVE-2017-11862 high 7.5 7.5 windows windows microsoft 9y ago Chakra Core vulnerable to privilege escalation due to type confusion
CVE-2017-11861 high 7.5 8.5 EXP windows windows microsoft 9y ago Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engin…
CVE-2017-11858 high 7.5 7.5 windows windows microsoft 9y ago ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Wi…
CVE-2017-11856 high 7.5 7.5 windows windows microsoft 9y ago Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 …