VIR Vulnerability Intelligence Relay

Search

Found 2,137 results in 203ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-5273 medium 6.3 6.3 FIX debian debianmacos macos linux-kernel google 2mo ago Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-5272 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2mo ago Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-23171 high 7.8 7.8 FIX rhel sles rocky google 2mo ago Moderate: kernel security update
CVE-2026-23399 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: nf_tables: nft_dynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the el…
CVE-2026-34040 high 8.0 FIX debian debian sles google 2mo ago Moby has AuthZ plugin bypass when provided oversized request bodies
CVE-2026-33997 unknown FIX debian debian sles google 2mo ago Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. D…
CVE-2026-33871 unknown slesdebian debian google 2mo ago Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass
CVE-2026-33870 unknown slesdebian debian google 2mo ago Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
CVE-2025-61731 high 8.0 FIX rocky rheldebian debian google 2mo ago Important: golang security update
CVE-2026-23302 medium 4.7 4.7 FIX slesdebian debian linux-kernel google 2mo ago In the Linux kernel, the following vulnerability has been resolved: net: annotate data-races around sk->sk_{data_ready,write_space} skmsg (and probably other layers) are changing these pointers whi…
CVE-2026-33176 medium 5.5 FIX slesdebian debian google 3mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Support number helpers accept str…
CVE-2026-33170 medium 5.5 FIX slesdebian debian google 3mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, `SafeBuffer#%` does not propagate the `@…
CVE-2026-33169 medium 5.5 FIX slesdebian debian google 3mo ago Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework. `NumberToDelimitedConverter` uses a lookahead-based regular expression with `gsub!` to in…
CVE-2026-23277 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb,…
CVE-2026-33210 high 8.0 FIX rheldebian debianalmalinux almalinux google 3mo ago Important: ruby:4.0 security update
CVE-2026-23269 high 7.1 7.1 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: apparmor: validate DFA start states are in bounds in unpack_pdb Start states are read from untrusted data and used as indexes int…
CVE-2026-23268 high 7.8 7.8 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remov…
CVE-2026-23255 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Re…
CVE-2026-23245 high 7.8 7.8 FIX slesdebian debian linux-kernel google 3mo ago In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump p…
CVE-2026-2219 high 7.5 7.5 FIX debian debian sles debiangoogle 3mo ago It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, wh…
CVE-2026-27142 unknown FIX debian debian sles google 3mo ago Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG set…
CVE-2026-27139 unknown FIX debian debian sles google 3mo ago On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impac…
CVE-2026-24734 unknown FIX slesdebian debian google 4mo ago Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verific…
CVE-2026-0915 medium 5.5 FIX rocky rheldebian debian google 4mo ago RHSA-2026:4772: glibc security update (Moderate)
CVE-2026-0861 medium 5.5 FIX rheldebian debian sles google 4mo ago Moderate: glibc security update
CVE-2025-15281 medium 5.5 FIX rocky rheldebian debian google 4mo ago RHSA-2026:4772: glibc security update (Moderate)
CVE-2025-61732 high 8.0 FIX rocky rheldebian debian google 4mo ago A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
CVE-2025-61728 high 8.0 FIX rocky rheldebian debian google 4mo ago archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously construct…
CVE-2026-23157 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 4mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 …
CVE-2025-40135 medium 5.5 FIX rocky rhel sles google 4mo ago Moderate: kernel security update
CVE-2026-24051 unknown FIX debian debian google 4mo ago OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking (Untrusted Search Paths) on macOS/Darwin systems. The re…
CVE-2025-68119 unknown FIX debian debian sles google 4mo ago Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial (hg) installed, downloading modules from non-standard sources (e.g., custom d…
CVE-2025-71161 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 4mo ago In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause deni…
CVE-2026-0994 high 8.0 rhel sles rocky google 4mo ago Important: protobuf security update
CVE-2025-61729 high 8.0 FIX rocky rheldebian debian google 5mo ago Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string con…
CVE-2026-21932 high 7.4 7.4 FIX slesdebian debian oraclegoogle 5mo ago Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: AWT, JavaFX). Supported versions that are affected are Oracle Jav…
CVE-2025-68239 unknown FIX slesdebian debian google 6mo ago In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: restore write access before closing files opened by open_exec() bm_register_write() opens an executable file using o…
CVE-2025-22116 medium 5.5 FIX rhel slesdebian debian google 7mo ago In the Linux kernel, the following vulnerability has been resolved: idpf: check error for register_netdev() on init Current init logic ignores the error code from register_netdev(), which will caus…
CVE-2025-58188 unknown FIX debian debian sles google 7mo ago Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arb…
CVE-2025-61723 unknown FIX debian debian sles google 7mo ago The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs.
CVE-2025-58187 unknown FIX debian debian sles google 7mo ago Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate ar…
CVE-2025-38584 high 7.8 7.8 FIX slesdebian debian linux-kernel google 10mo ago In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reorder that goes back to the initial commit. A refe…
CVE-2025-47907 high 8.0 rheldebian debian sles google 10mo ago Incorrect results returned from Rows.Scan in database/sql
CVE-2025-4674 high 8.0 FIX rhel rockydebian debian google 10mo ago Important: golang security update
CVE-2025-48913 unknown google 10mo ago Apache CXF: Untrusted JMS configuration can lead to RCE
CVE-2025-22866 high 8.0 FIX rheldebian debian sles google 1y ago Important: delve and golang security update
CVE-2024-12798 unknown slesdebian debian google 2y ago QOS.CH logback-core Expression Language Injection vulnerability
CVE-2014-1745 high 7.1 7.1 FIX sles rhel rocky google 2y ago Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other…
CVE-2023-6460 medium 5.5 5.5 google 3y ago Logging of the firestore key within nodejs-firestore
CVE-2023-2976 unknown FIX slesdebian debian google 3y ago Guava vulnerable to insecure use of temporary directory
CVE-2022-40897 medium 5.5 FIX rhel rocky sles google 3y ago RHSA-2024:2987: python27:2.7 security update (Moderate)
CVE-2022-42004 high 8.0 FIX rocky slesdebian debian google 4y ago Uncontrolled Resource Consumption in FasterXML jackson-databind
CVE-2022-42003 high 8.0 FIX rocky slesdebian debian google 4y ago Uncontrolled Resource Consumption in Jackson-databind
CVE-2022-38750 high 8.0 FIX rocky slesdebian debian google 4y ago snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
CVE-2022-38749 high 8.0 FIX rocky slesdebian debian google 4y ago snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
CVE-2022-2160 medium 6.5 6.5 FIX debian debianfedora fedora google 4y ago Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitiv…
CVE-2022-25647 high 7.5 7.5 FIX slesdebian debian googlenetapporacle 4y ago Deserialization of Untrusted Data in Gson
CVE-2021-39156 high 8.0 FIX arch arch google 5y ago Istio Fragments in Path May Lead to Authorization Policy Bypass
CVE-2021-39155 high 8.0 FIX arch arch google 5y ago Authorization Policy Bypass Due to Case Insensitive Host Comparison
CVE-2020-8908 unknown FIX slesdebian debian google 5y ago Information Disclosure in Guava
CVE-2019-13721 high 8.8 8.8 FIX arch archdebian debian google 7y ago Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-5122 high 8.8 8.8 FIX arch archdebian debian google 9y ago arbitrary code execution in chromium
CVE-2017-5121 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago arbitrary code execution in chromium
CVE-2017-5120 medium 6.5 6.5 FIX arch archmacos macos linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5119 medium 4.3 4.3 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5118 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5117 medium 6.5 6.5 FIX arch arch linux-kerneldebian debian google 9y ago multiple issues in chromium
CVE-2017-5116 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5115 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5114 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5113 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5112 high 8.8 8.8 FIX arch arch google 9y ago multiple issues in chromium
CVE-2017-5111 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5110 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5109 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5108 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5107 medium 5.3 5.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5106 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5105 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5104 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5103 medium 4.3 4.3 FIX arch archmacos macos linux-kernel google 9y ago multiple issues in chromium
CVE-2017-5102 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5101 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5100 high 8.8 8.8 FIX arch arch rheldebian debian google 9y ago multiple issues in chromium
CVE-2017-5099 high 8.8 8.8 FIX arch arch linux-kerneldebian debian google 9y ago multiple issues in chromium
CVE-2017-5098 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5097 high 8.8 8.8 FIX arch arch linux-kerneldebian debian google 9y ago multiple issues in chromium
CVE-2017-5096 medium 4.3 4.3 google 9y ago Insufficient policy enforcement during navigation between different schemes in Google Chrome prior to 60.0.3112.78 for Android allowed a remote attacker to perform cross origin content download via a…
CVE-2017-5095 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5094 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5093 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5092 high 8.8 8.8 FIX arch archdebian debian google 9y ago multiple issues in chromium
CVE-2017-5091 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5090 medium 6.5 6.5 macos macos google 9y ago Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name containing a U+0620 character…
CVE-2017-5089 medium 6.5 6.5 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5088 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5087 high 8.8 8.8 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5086 medium 6.5 6.5 FIX arch archmacos macos rhel google 9y ago multiple issues in chromium
CVE-2017-5083 medium 4.3 4.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2017-5082 medium 5.5 5.5 FIX arch arch google 9y ago multiple issues in chromium