VIR Vulnerability Intelligence Relay

Search

Found 5,504 results in 883ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-35177 medium 5.5 FIX slesdebian debian rhel 1d ago RHSA-2026:22717: vim security update (Moderate)
CVE-2026-5419 low 3.7 3.7 FIX debian debian sles rhel 2d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-1933 medium 6.5 6.5 FIX slesdebian debian rhel redhatsamba 8d ago A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem wri…
CVE-2026-2340 medium 6.5 6.5 FIX slesdebian debian rhel redhatsamba 8d ago A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to i…
CVE-2026-8961 medium 6.5 6.5 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8391 medium 5.3 5.3 FIX rheldebian debianalmalinux almalinux mozilla 8d ago Important: thunderbird security update
CVE-2026-8388 medium 6.5 6.5 FIX rheldebian debianalmalinux almalinux mozilla 8d ago Important: thunderbird security update
CVE-2026-42015 medium 5.3 5.3 FIX debian debian sles rhel 8d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-4438 medium 5.5 FIX rheldebian debian sles google 9d ago Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS host…
CVE-2026-4437 medium 5.5 FIX rheldebian debian sles google 9d ago Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from…
CVE-2026-4046 medium 5.5 FIX rheldebian debian sles google 9d ago RHSA-2026:20587: glibc security update (Moderate)
CVE-2026-40386 medium 5.5 FIX debian debian sles rhel 9d ago Moderate: libexif security update
CVE-2026-40385 medium 5.5 FIX debian debian sles rhel 9d ago Moderate: libexif security update
CVE-2026-9149 medium 6.5 6.5 FIX debian debian sleswindows windows opensuseredhat 14d ago A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. T…
CVE-2026-9150 medium 6.5 6.5 FIX debian debian sleswindows windows opensuseredhat 14d ago A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could …
CVE-2026-43163 medium 4.7 4.7 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: md/bitmap: fix GPF in write_page caused by resize race A General Protection Fault occurs in write_page() during array resize: RIP…
CVE-2026-4893 medium 5.3 5.3 FIX rheldebian debian sles 16d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4891 medium 5.3 5.3 FIX rheldebian debian sles 16d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-40356 medium 5.9 5.9 FIX rheldebian debian sles 16d ago RHSA-2026:16799: krb5 security update (Important)
CVE-2026-40355 medium 5.9 5.9 FIX rheldebian debian sles 16d ago RHSA-2026:16799: krb5 security update (Important)
CVE-2026-39373 low 2.5 FIX rhel slesdebian debian 16d ago Low: python-jwcrypto security update
CVE-2026-34000 medium 6.1 6.1 FIX rhel slesdebian debian x.org 16d ago A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an at…
CVE-2026-32710 medium 5.5 FIX rhel slesdebian debian 16d ago MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSON_SCHEMA_VALID() function. Un…
CVE-2026-31677 medium 5.5 5.5 FIX rhel slesdebian debian google 16d ago In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - limit RX SG extraction by receive buffer budget Make af_alg_get_rsgl() limit each RX scatterlist extraction to t…
CVE-2026-30892 medium 5.5 FIX rheldebian debian rocky 16d ago Moderate: crun security update
CVE-2026-23868 medium 5.1 5.1 FIX rheldebian debian sles giflib_project 16d ago Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult b…
CVE-2026-23040 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 an…
CVE-2026-0968 low 3.1 3.1 FIX rheldebian debian sles libssh 16d ago Moderate: libssh security update
CVE-2026-0967 medium 5.5 5.5 FIX rheldebian debian sles libssh 16d ago Moderate: libssh security update
CVE-2026-0965 low 3.3 3.3 FIX rheldebian debian sles libssh 16d ago Moderate: libssh security update
CVE-2026-0964 medium 6.3 6.3 FIX rheldebian debian sles libsshredhat 16d ago Moderate: libssh security update
CVE-2026-0865 medium 5.5 FIX rocky rheldebian debian 16d ago User-controlled header names and values containing newlines can allow injecting HTTP headers.
CVE-2025-9615 low 3.3 3.3 FIX rhel slesdebian debian 16d ago Low: NetworkManager security update
CVE-2025-8277 low 3.1 3.1 FIX rheldebian debian sles 16d ago Moderate: libssh security update
CVE-2025-8114 medium 4.7 4.7 FIX rheldebian debian sles libssh 16d ago Moderate: libssh security update
CVE-2025-5351 medium 6.5 6.5 FIX rheldebian debian sles libsshredhat 16d ago Moderate: libssh security update
CVE-2025-4878 low 3.6 3.6 FIX rheldebian debian sles 16d ago Moderate: libssh security update
CVE-2025-4877 medium 4.5 4.5 FIX rheldebian debian sles 16d ago Moderate: libssh security update
CVE-2025-40134 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in __dm_suspend() There is a race condition between dm device suspend and table load that can le…
CVE-2025-38470 medium 5.5 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on…
CVE-2025-38441 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() syzbot found a potential access to uninit-value in nf_…
CVE-2025-38405 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128…
CVE-2025-38400 medium 5.5 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. syzbot reported a warning below [1] following a fault injectio…
CVE-2025-38279 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following w…
CVE-2025-38166 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap [ 2172.936997] ------------[ cut here ]------------ [ 2172.936999] kernel BUG at lib/iov_iter.c:…
CVE-2025-38097 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to referen…
CVE-2025-38015 medium 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix memory leak in error handling path of idxd_alloc Memory allocated for idxd is not freed if an error occurs d…
CVE-2025-37980 medium 5.5 FIX rhel slesdebian debian google 16d ago In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is succe…
CVE-2025-22105 medium 5.5 5.5 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning[1]: ip netns add ns1 ip netns exec…
CVE-2025-13465 medium 5.3 5.3 FIX rhel sles rocky lodash 16d ago Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global pr…
CVE-2025-12748 medium 5.5 5.5 FIX rhel slesdebian debian 16d ago Moderate: libvirt security update
CVE-2025-11568 medium 4.4 4.4 FIX rocky rheldebian debian 16d ago RHSA-2025:23086: luksmeta security update (Moderate)
CVE-2025-11411 medium 5.5 FIX rhel slesdebian debian 16d ago Moderate: unbound security update
CVE-2024-33655 medium 5.5 FIX rhel slesdebian debian 16d ago Moderate: unbound security update
CVE-2024-12086 medium 6.8 6.8 FIX arch arch rhel sles sambaredhat 16d ago Important: rsync security update
CVE-2026-33416 medium 5.5 FIX rheldebian debian sles 17d ago Moderate: libpng security update
CVE-2026-33985 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-31885 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-31884 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-31883 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-29775 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-27951 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-26986 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-25952 medium 5.5 FIX rheldebian debian sles 22d ago Moderate: freerdp security update
CVE-2026-6735 medium 6.1 6.1 FIX slesdebian debianwindows windows php 25d ago Important: php:8.2 security update
CVE-2026-5119 medium 5.9 5.9 FIX rheldebian debian sles gnome 29d ago A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network…
CVE-2026-34002 medium 6.1 6.1 FIX sles rheldebian debian x.org 29d ago A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit …
CVE-2026-35536 medium 5.5 FIX rhel sles rocky 1mo ago Moderate: python-tornado security update
CVE-2026-31958 medium 5.5 FIX rhel sles rocky 1mo ago Moderate: python-tornado security update
CVE-2026-29111 medium 5.5 FIX rhel slesdebian debian 1mo ago Moderate: systemd security update
CVE-2026-33007 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. …
CVE-2026-34032 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f…
CVE-2026-33857 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the…
CVE-2026-43077 medium 5.5 5.5 FIX rhel sles rocky 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Fix minimum RX size check for decryption The check for the minimum receive buffer size did not take the tag …
CVE-2026-3832 low 3.7 3.7 FIX debian debian rhel gnuredhat 1mo ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-3833 medium 6.5 6.5 FIX debian debian sles rhel gnuredhat 1mo ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-31684 medium 5.5 5.5 FIX sles rheldebian debian 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: sched: act_csum: validate nested VLAN headers tcf_csum_act() walks nested VLAN headers directly from skb->data when an skb s…
CVE-2026-23865 medium 5.3 5.3 FIX rheldebian debian sles freetype 1mo ago RHSA-2026:9689: java-21-openjdk security update (Important)
CVE-2026-2708 medium 5.3 5.3 debian debian sles rhel gnome 1mo ago A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each hea…
CVE-2026-6845 medium 5.0 5.0 debian debian sles rhel gnuredhat 1mo ago A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially c…
CVE-2026-6844 medium 5.5 5.5 debian debian sles rhel gnuredhat 1mo ago A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable …
CVE-2026-6843 medium 5.5 5.5 FIX debian debian rhel gnuredhat 1mo ago A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application …
CVE-2026-40919 medium 5.5 5.5 FIX debian debian rhel gimp 2mo ago A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacke…
CVE-2026-40918 medium 5.5 5.5 FIX debian debian rhel gimp 2mo ago A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bou…
CVE-2026-40916 medium 5.5 5.5 FIX debian debian rhel gimp 2mo ago A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM…
CVE-2026-28421 medium 5.3 5.3 FIX rocky rhel sles 2mo ago Important: vim security update
CVE-2026-28417 medium 4.4 4.4 FIX rocky rhel sles 2mo ago Important: vim security update
CVE-2026-21717 medium 5.9 5.9 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21713 medium 5.9 5.9 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-21712 medium 5.7 5.7 FIX rhel slesdebian debian 2mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2026-5745 medium 5.5 5.5 debian debian sles rhel libarchiveredhat 2mo ago A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL …
CVE-2026-23210 medium 5.5 FIX rhel slesdebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebui…
CVE-2025-71238 medium 5.5 FIX slesdebian debian rocky 2mo ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free Kernel panic observed on system, [5353358.825191] BUG: unable to handle page f…
CVE-2025-38109 medium 5.5 FIX rhel slesdebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports unload on shutdown flow Fix shutdown flow UAF when a virtual function is created on the embedded chip (…
CVE-2026-2625 medium 5.5 5.5 FIX rheldebian debian redhatsequoia-pgp 2mo ago A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager (RPM) file. During the RPM signature verification process, th…
CVE-2025-10158 medium 5.5 FIX rocky rhel sles 2mo ago RHSA-2026:6436: rsync security update (Moderate)
CVE-2023-40403 medium 5.5 FIX rhel rocky sles 2mo ago RHSA-2025:8676: libxslt security update (Moderate)
CVE-2026-5164 medium 5.5 5.5 rhel redhat 2mo ago A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input val…
CVE-2026-23209 medium 5.5 FIX rocky rhel sles 2mo ago In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type vet…
CVE-2026-23193 medium 5.5 FIX rhel sles rocky 2mo ago In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function cal…