VIR Vulnerability Intelligence Relay

Search

Found 10,537 results in 1000ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-35177 medium 5.5 FIX slesdebian debian rhel 23h ago RHSA-2026:22717: vim security update (Moderate)
CVE-2026-5419 low 3.7 3.7 FIX debian debian sles rhel 2d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2025-53020 high 8.0 FIX debian debian sles rhel 3d ago Important: httpd:2.4 security update
CVE-2026-4408 critical 9.0 9.0 FIX slesdebian debian rhel 7d ago Important: samba security update
CVE-2026-34079 high 8.0 FIX debian debian sles rhel 7d ago RHSA-2026:21756: flatpak security update (Important)
CVE-2026-34078 high 8.0 FIX debian debian sles rhel 7d ago RHSA-2026:21756: flatpak security update (Important)
CVE-2026-23392 high 8.0 FIX sles rheldebian debian 7d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu() after unregistering the hooks from…
CVE-2025-71089 high 8.0 FIX sles rheldebian debian 7d ago In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a f…
CVE-2025-68366 high 8.0 FIX sles rheldebian debian 7d ago In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbd_genl_connect There is one use-after-free warning when running NBD_CMD_CONNECT and NBD_CLEAR_SOCK:…
CVE-2025-68347 high 8.0 FIX slesdebian debianalmalinux almalinux 7d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write mor…
CVE-2025-68183 high 8.0 FIX sles rheldebian debian 7d ago In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA …
CVE-2025-38653 high 8.0 FIX rhel slesdebian debian 7d ago In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may ca…
CVE-2026-1933 medium 6.5 6.5 FIX slesdebian debian rhel redhatsamba 7d ago A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem wri…
CVE-2026-2340 medium 6.5 6.5 FIX slesdebian debian rhel redhatsamba 7d ago A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to i…
CVE-2026-3012 high 8.0 8.0 FIX slesdebian debian rhel 8d ago Important: samba security update
CVE-2026-8975 high 8.8 8.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8974 high 8.8 8.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8970 high 8.8 8.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8968 high 7.5 7.5 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8962 high 8.1 8.1 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8961 medium 6.5 6.5 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8959 critical 9.6 9.6 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8958 high 8.6 8.6 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8957 high 8.8 8.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8956 critical 9.8 9.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8955 high 8.8 8.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8954 high 7.5 7.5 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8953 critical 9.6 9.6 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8950 critical 9.3 9.3 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8947 high 7.3 7.3 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8946 high 7.5 7.5 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8401 critical 9.8 9.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8391 medium 5.3 5.3 FIX rheldebian debianalmalinux almalinux mozilla 8d ago Important: thunderbird security update
CVE-2026-8388 medium 6.5 6.5 FIX rheldebian debianalmalinux almalinux mozilla 8d ago Important: thunderbird security update
CVE-2026-42899 high 7.5 7.5 FIX rhelmacos macos linux-kernel microsoft 8d ago Important: .NET 9.0 security update
CVE-2026-34043 high 8.0 FIX rheldebian debianalmalinux almalinux 8d ago RHSA-2026:21291: .NET 8.0 security update (Important)
CVE-2026-42015 medium 5.3 5.3 FIX debian debian sles rhel 8d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-42013 high 8.2 8.2 FIX debian debian sles rhel 8d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-42012 high 7.1 7.1 FIX debian debian rhelwindows windows 8d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-5260 high 8.2 8.2 FIX debian debian sles rhel 8d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-48864 high 7.8 7.8 debian debian sles rhel opensuseredhat 8d ago A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker ca…
CVE-2026-4480 critical 9.0 9.0 FIX slesdebian debian rhel redhatsamba 8d ago Important: samba security update
CVE-2026-8094 critical 9.8 9.8 FIX rheldebian debian sles mozilla 9d ago RHSA-2026:20566: firefox security update (Important)
CVE-2026-8092 high 8.1 8.1 FIX rheldebian debian sles mozilla 9d ago Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of th…
CVE-2026-8090 high 7.3 7.3 FIX rheldebian debian sles mozilla 9d ago Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.
CVE-2026-4438 medium 5.5 FIX rheldebian debian sles google 9d ago Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS host…
CVE-2026-4437 medium 5.5 FIX rheldebian debian sles google 9d ago Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from…
CVE-2026-42014 high 8.0 FIX debian debian sles rhel 9d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-4046 medium 5.5 FIX rheldebian debian sles google 9d ago RHSA-2026:20587: glibc security update (Moderate)
CVE-2026-40386 medium 5.5 FIX debian debian sles rhel 9d ago Moderate: libexif security update
CVE-2026-40385 medium 5.5 FIX debian debian sles rhel 9d ago Moderate: libexif security update
CVE-2026-2332 critical 9.1 9.1 FIX rheldebian debian sles eclipse 9d ago Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
CVE-2026-9149 medium 6.5 6.5 FIX debian debian sleswindows windows opensuseredhat 14d ago A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. T…
CVE-2026-9150 medium 6.5 6.5 FIX debian debian sleswindows windows opensuseredhat 14d ago A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could …
CVE-2026-9064 high 7.5 7.5 debian debian sles rhel redhat 15d ago A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated a…
CVE-2026-46333 high 7.1 7.1 FIX rhel slesdebian debian google 15d ago In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - t…
CVE-2026-46300 high 7.8 8.8 EXPFIX rhel slesdebian debian aws 15d ago In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from…
CVE-2026-43163 medium 4.7 4.7 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: md/bitmap: fix GPF in write_page caused by resize race A General Protection Fault occurs in write_page() during array resize: RIP…
CVE-2026-43128 high 7.8 7.8 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix double dma_buf_unpin in failure path In ib_umem_dmabuf_get_pinned_with_dma_device(), the call to ib_umem_dmabuf_ma…
CVE-2026-37555 high 7.5 7.5 FIX rheldebian debian sles libsndfile_project 15d ago RHSA-2026:19559: libsndfile security update (Important)
CVE-2026-31607 critical 9.8 9.8 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_…
CVE-2026-31532 high 7.8 7.8 FIX rhel slesdebian debian google 15d ago In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but…
CVE-2026-23401 high 8.0 FIX rhel slesdebian debian google 15d ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so *after*…
CVE-2026-23204 high 7.1 7.1 FIX rocky rhel sles 15d ago In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use s…
CVE-2026-22990 high 8.0 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremen…
CVE-2026-22984 high 8.0 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a p…
CVE-2025-71116 high 8.0 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osdmap is (maliciously) corrupted such that the encod…
CVE-2025-68741 high 8.0 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxx_process_purls_iocb(), an item is allocated via qla27xx_copy_multiple…
CVE-2025-39766 high 7.8 7.8 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit The following setup can trigger a WARNING in htb_activate …
CVE-2026-7323 high 7.3 7.3 FIX rheldebian debianalmalinux almalinux mozilla 16d ago Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
CVE-2026-7322 high 7.3 7.3 FIX rheldebian debianalmalinux almalinux mozilla 16d ago Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
CVE-2026-7321 critical 9.6 9.6 FIX rheldebian debianalmalinux almalinux mozilla 16d ago RHSA-2026:20586: thunderbird security update (Important)
CVE-2026-7320 high 7.5 7.5 FIX rheldebian debianalmalinux almalinux mozilla 16d ago Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.…
CVE-2026-5713 high 8.0 FIX rhel slesdebian debian 16d ago Important: python3.14 security update
CVE-2026-4893 medium 5.3 5.3 FIX rheldebian debian sles 16d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4892 high 8.4 8.4 FIX rheldebian debian sles 16d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4891 medium 5.3 5.3 FIX rheldebian debian sles 16d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4890 high 7.5 7.5 FIX rheldebian debian sles 16d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4519 high 8.0 FIX rocky rheldebian debian 16d ago The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended …
CVE-2026-4224 high 8.0 FIX rhel slesdebian debian 16d ago When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs.
CVE-2026-41035 high 7.8 7.8 FIX rhel slesdebian debian samba 16d ago RHSA-2026:17481: rsync security update (Important)
CVE-2026-40356 medium 5.9 5.9 FIX rheldebian debian sles 16d ago RHSA-2026:16799: krb5 security update (Important)
CVE-2026-40355 medium 5.9 5.9 FIX rheldebian debian sles 16d ago RHSA-2026:16799: krb5 security update (Important)
CVE-2026-39373 low 2.5 FIX rhel slesdebian debian 16d ago Low: python-jwcrypto security update
CVE-2026-3644 high 8.0 FIX rhel slesdebian debian 16d ago RHSA-2026:10950: python3.12 security update (Important)
CVE-2026-34000 medium 6.1 6.1 FIX rhel slesdebian debian x.org 16d ago A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an at…
CVE-2026-33984 high 8.0 FIX rheldebian debian sles 16d ago RHSA-2026:8945: freerdp security update (Important)
CVE-2026-33983 high 8.0 FIX rheldebian debian sles 16d ago RHSA-2026:8945: freerdp security update (Important)
CVE-2026-33810 high 8.0 FIX rheldebian debian sles 16d ago Important: opentelemetry-collector security update
CVE-2026-32710 medium 5.5 FIX rhel slesdebian debian 16d ago MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Un…
CVE-2026-32281 high 8.0 FIX rheldebian debian sles google 16d ago Inefficient policy validation in crypto/x509
CVE-2026-31790 high 7.5 7.5 FIX rhel slesdebian debian opensslgoogle 16d ago Moderate: openssl security update
CVE-2026-31677 medium 5.5 5.5 FIX rhel slesdebian debian google 16d ago In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - limit RX SG extraction by receive buffer budget Make af_alg_get_rsgl() limit each RX scatterlist extraction to t…
CVE-2026-30892 medium 5.5 FIX rheldebian debian rocky 16d ago Moderate: crun security update
CVE-2026-3085 high 8.0 FIX rheldebian debian rocky 16d ago GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Int…
CVE-2026-3083 high 8.0 FIX rheldebian debian rocky 16d ago GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interactio…
CVE-2026-3082 high 8.0 FIX rheldebian debian rocky 16d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2923 high 8.0 FIX rheldebian debian rocky 16d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2922 high 8.0 FIX rheldebian debian rocky 16d ago Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update
CVE-2026-2921 high 8.0 FIX rheldebian debian rocky 16d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)