VIR Vulnerability Intelligence Relay

Search

Found 5,398 results in 736ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-5419 low 3.7 3.7 FIX debian debian sles rhel 4d ago A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive informat…
CVE-2026-46243 high 7.1 7.1 FIX debian debian slesalmalinux almalinux 4d ago In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid,…
CVE-2026-4408 critical 9.0 9.0 FIX slesdebian debian rhel 8d ago Important: samba security update
CVE-2026-34079 high 8.0 FIX debian debian sles rhel 9d ago Important: flatpak security update
CVE-2026-34078 high 8.0 FIX debian debian sles rhel 9d ago Important: flatpak security update
CVE-2026-23392 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu() after unregistering the hooks from…
CVE-2025-71089 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a f…
CVE-2025-68366 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbd_genl_connect There is one use-after-free warning when running NBD_CMD_CONNECT and NBD_CLEAR_SOCK:…
CVE-2025-68347 high 8.0 FIX slesdebian debianalmalinux almalinux 9d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write mor…
CVE-2025-68183 high 8.0 FIX sles rheldebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA …
CVE-2025-38653 high 8.0 FIX rhel slesdebian debian 9d ago In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may ca…
CVE-2026-3012 high 8.0 8.0 FIX slesdebian debian rhel 9d ago Important: samba security update
CVE-2026-8975 high 8.8 8.8 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8974 high 8.8 8.8 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8970 high 8.8 8.8 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8968 high 7.5 7.5 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8962 high 8.1 8.1 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8959 critical 9.6 9.6 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8958 high 8.6 8.6 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8957 high 8.8 8.8 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8956 critical 9.8 9.8 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8955 high 8.8 8.8 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8954 high 7.5 7.5 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8953 critical 9.6 9.6 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8950 critical 9.3 9.3 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8947 high 7.3 7.3 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8946 high 7.5 7.5 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-8401 critical 9.8 9.8 FIX rheldebian debian sles mozilla 10d ago Important: thunderbird security update
CVE-2026-42899 high 7.5 7.5 FIX rhelmacos macos linux-kernel microsoft 10d ago Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-34043 high 8.0 FIX rheldebian debianalmalinux almalinux 10d ago RHSA-2026:21291: .NET 8.0 security update (Important)
CVE-2026-42013 high 8.2 8.2 FIX debian debian sles rhel 10d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-42012 high 7.1 7.1 FIX debian debian rhelwindows windows 10d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-5260 high 8.2 8.2 FIX debian debian sles rhel 10d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-48864 high 7.8 7.8 debian debian sles rhel opensuseredhat 10d ago A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker ca…
CVE-2026-4480 critical 9.0 9.0 FIX slesdebian debian rhel redhatsamba 10d ago Important: samba security update
CVE-2026-8094 critical 9.8 9.8 FIX rheldebian debian sles mozilla 11d ago RHSA-2026:20566: firefox security update (Important)
CVE-2026-8092 high 8.1 8.1 FIX rheldebian debian sles mozilla 11d ago Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of th…
CVE-2026-8090 high 7.3 7.3 FIX rheldebian debian sles mozilla 11d ago Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.
CVE-2026-42014 high 8.0 FIX debian debian sles rhel 11d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-2332 critical 9.1 9.1 FIX rheldebian debian sles eclipse 11d ago Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
CVE-2026-5946 high 7.5 7.5 FIX debian debian sleswindows windows isc 16d ago RHSA-2026:23360: bind9.16 security update (Important)
CVE-2026-3039 high 7.5 7.5 FIX debian debian sleswindows windows isc 16d ago RHSA-2026:23360: bind9.16 security update (Important)
CVE-2026-9064 high 7.5 7.5 debian debian sles rhel redhat 16d ago A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated a…
CVE-2026-46333 high 7.1 7.1 FIX rhel slesdebian debian google 17d ago RHSA-2026:23470: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update (Important)
CVE-2026-46300 high 7.8 8.8 EXPFIX rhel slesdebian debian awsgoogle 17d ago RHSA-2026:23470: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update (Important)
CVE-2026-43128 high 7.8 7.8 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix double dma_buf_unpin in failure path In ib_umem_dmabuf_get_pinned_with_dma_device(), the call to ib_umem_dmabuf_ma…
CVE-2026-37555 high 7.5 7.5 FIX rheldebian debian sles libsndfile_project 17d ago RHSA-2026:19559: libsndfile security update (Important)
CVE-2026-31607 critical 9.8 9.8 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_…
CVE-2026-31532 high 7.8 7.8 FIX rhel slesdebian debian google 17d ago In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but…
CVE-2026-23401 high 8.0 FIX rhel slesdebian debian google 17d ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so *after*…
CVE-2026-23204 high 7.1 7.1 FIX rocky rhel sles 17d ago Moderate: kernel security update
CVE-2026-22990 high 8.0 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremen…
CVE-2026-22984 high 8.0 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a p…
CVE-2025-71116 high 8.0 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osdmap is (maliciously) corrupted such that the encod…
CVE-2025-68741 high 8.0 FIX rhel slesdebian debian 17d ago Important: kernel security update
CVE-2025-39766 high 7.8 7.8 FIX rhel slesdebian debian 17d ago Important: kernel security update
CVE-2026-7323 high 7.3 7.3 FIX rheldebian debianalmalinux almalinux mozilla 18d ago Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
CVE-2026-7322 high 7.3 7.3 FIX rheldebian debianalmalinux almalinux mozilla 18d ago Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
CVE-2026-7321 critical 9.6 9.6 FIX rheldebian debianalmalinux almalinux mozilla 18d ago RHSA-2026:20586: thunderbird security update (Important)
CVE-2026-7320 high 7.5 7.5 FIX rheldebian debianalmalinux almalinux mozilla 18d ago Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.…
CVE-2026-5713 high 8.0 FIX rhel slesdebian debian 18d ago Important: python3.14 security update
CVE-2026-4892 high 8.4 8.4 FIX rheldebian debian sles 18d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4890 high 7.5 7.5 FIX rheldebian debian sles 18d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4519 high 8.0 FIX rocky rheldebian debian 18d ago Important: python3.12 security update
CVE-2026-4224 high 7.5 7.5 FIX rhel slesdebian debian python 18d ago Important: python3.12 security update
CVE-2026-41035 high 7.8 7.8 FIX rhel slesdebian debian samba 18d ago Important: rsync security update
CVE-2026-39373 low 2.5 FIX rhel slesdebian debian 18d ago Low: python-jwcrypto security update
CVE-2026-3644 high 7.5 7.5 FIX rhel slesdebian debian python 18d ago Important: python3.12 security update
CVE-2026-33984 high 8.0 FIX rheldebian debian sles 18d ago RHSA-2026:8945: freerdp security update (Important)
CVE-2026-33983 high 8.0 FIX rheldebian debian sles 18d ago RHSA-2026:8945: freerdp security update (Important)
CVE-2026-33810 high 8.0 FIX rheldebian debian sles 18d ago When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affe…
CVE-2026-32281 high 8.0 FIX rheldebian debian sles google 18d ago Inefficient policy validation in crypto/x509
CVE-2026-31790 high 7.5 7.5 FIX rhel slesdebian debian opensslgoogle 18d ago Moderate: openssl security update
CVE-2026-3085 high 8.0 FIX rheldebian debian rocky 18d ago GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Int…
CVE-2026-3083 high 8.0 FIX rheldebian debian rocky 18d ago GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interactio…
CVE-2026-3082 high 8.0 FIX rheldebian debian rocky 18d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2923 high 8.0 FIX rheldebian debian rocky 18d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2922 high 8.0 FIX rheldebian debian rocky 18d ago Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update
CVE-2026-2921 high 8.0 FIX rheldebian debian rocky 18d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2920 high 8.0 FIX rheldebian debian rocky 18d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-28871 high 8.0 FIX rhel slesdebian debian 18d ago A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website …
CVE-2026-28859 high 8.0 FIX rhel slesdebian debian 18d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may …
CVE-2026-28857 high 8.0 FIX rhel slesdebian debian 18d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may le…
CVE-2026-27137 high 8.0 FIX rheldebian debian sles 18d ago Incorrect enforcement of email constraints in crypto/x509
CVE-2026-24842 high 8.0 FIX rhel slesdebian debian 18d ago Important: linux-sgx security update
CVE-2026-23950 high 8.0 FIX rheldebian debian 18d ago Important: linux-sgx security update
CVE-2026-23745 high 8.0 FIX rhel slesdebian debian 18d ago Important: linux-sgx security update
CVE-2026-23243 high 7.8 7.8 FIX rhel slesdebian debian 18d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD heade…
CVE-2026-23060 high 8.0 FIX rhel slesdebian debian 18d ago Important: kernel security update
CVE-2026-2297 high 8.0 FIX rhel slesdebian debian 18d ago Important: python3.12 security update
CVE-2026-2291 high 7.3 7.3 FIX rheldebian debian sles 18d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-20691 high 8.0 FIX rhel slesdebian debian 18d ago An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted…
CVE-2026-20676 high 8.0 FIX rhel slesdebian debian 18d ago This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through…
CVE-2026-20665 high 8.0 FIX rhel slesdebian debian 18d ago This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, wat…
CVE-2026-20664 high 8.0 FIX rhel slesdebian debian 18d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may le…
CVE-2026-20652 high 8.0 FIX rhel slesdebian debian 18d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker m…
CVE-2026-20644 high 8.0 FIX rhel slesdebian debian 18d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciou…
CVE-2026-20643 high 8.0 FIX rhel slesdebian debian 18d ago A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 an…
CVE-2026-20636 high 8.0 FIX rhel slesdebian debian 18d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may le…
CVE-2026-20635 high 8.0 FIX rhel slesdebian debian 18d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS …