VIR Vulnerability Intelligence Relay

Search

Found 725 results in 419ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-5419 low 3.7 3.7 FIX debian debian sles rhel 2d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-4408 critical 9.0 9.0 FIX slesdebian debian rhel 7d ago A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is config…
CVE-2026-8959 critical 9.6 9.6 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8956 critical 9.8 9.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8953 critical 9.6 9.6 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8950 critical 9.3 9.3 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8401 critical 9.8 9.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-4480 critical 9.0 9.0 FIX slesdebian debian rhel redhatsamba 9d ago A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution charac…
CVE-2026-8094 critical 9.8 9.8 FIX rheldebian debian sles mozilla 9d ago RHSA-2026:20566: firefox security update (Important)
CVE-2026-2332 critical 9.1 9.1 FIX rheldebian debian sles eclipse 9d ago Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
CVE-2026-31607 critical 9.8 9.8 FIX rhel slesdebian debian 15d ago In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_…
CVE-2026-7321 critical 9.6 9.6 FIX rheldebian debianalmalinux almalinux mozilla 16d ago RHSA-2026:20586: thunderbird security update (Important)
CVE-2026-39373 low 2.5 FIX rhel slesdebian debian 16d ago Low: python-jwcrypto security update
CVE-2026-0968 low 3.1 3.1 FIX rheldebian debian sles libssh 16d ago Moderate: libssh security update
CVE-2026-0965 low 3.3 3.3 FIX rheldebian debian sles libssh 16d ago Moderate: libssh security update
CVE-2025-9615 low 3.3 3.3 FIX rhel slesdebian debian 16d ago Low: NetworkManager security update
CVE-2025-8277 low 3.1 3.1 FIX rheldebian debian sles 16d ago Moderate: libssh security update
CVE-2025-68121 critical 10.0 10.0 FIX rocky rheldebian debian golanggoogle 16d ago RHSA-2026:22714: osbuild-composer security update (Important)
CVE-2025-55754 critical 9.6 9.6 FIX rhel slesdebian debian apache 16d ago Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Win…
CVE-2025-4878 low 3.6 3.6 FIX rheldebian debian sles 16d ago Moderate: libssh security update
CVE-2026-28780 critical 9.8 9.8 FIX debian debian rhel sles apache 29d ago Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod_proxy…
CVE-2026-31402 critical 9.8 9.8 FIX rhel sles rocky 1mo ago In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_…
CVE-2026-3832 low 3.7 3.7 FIX debian debian rhel gnuredhat 1mo ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-4800 critical 9.8 9.8 FIX rheldebian debian rocky lodash 1mo ago Important: pcs security update
CVE-2026-31685 critical 9.4 9.4 FIX sles rheldebian debian 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()` derives a modified EUI-64 from the Ethernet source…
CVE-2026-4631 critical 10.0 EXPFIX rheldebian debian sles 2mo ago Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit…
CVE-2026-23455 critical 9.1 9.1 FIX sles rheldebian debian 2mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit leng…
CVE-2026-4698 critical 9.8 9.8 FIX rocky rheldebian debian mozilla 2mo ago JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-2786 critical 9.8 9.8 FIX rocky rheldebian debian mozilla 3mo ago Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-1709 critical 9.5 FIX rhel sles rocky 4mo ago Critical: keylime security update
CVE-2025-47151 critical 9.5 FIX rocky rheldebian debian 7mo ago RHSA-2025:21628: lasso security update (Critical)
CVE-2024-56433 low 2.5 rhel rockydebian debian 7mo ago Low: shadow-utils security update
CVE-2025-61748 low 3.7 3.7 FIX rhel slesdebian debian oracle 8mo ago RHSA-2025:18824: java-21-openjdk security update (Moderate)
CVE-2025-22871 critical 9.1 9.1 FIX rhel rockydebian debian 10mo ago Moderate: git-lfs security update
CVE-2022-29458 low 2.5 FIX rhel sles rocky 10mo ago ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
CVE-2025-8283 low 3.7 3.7 FIX slesdebian debian rhel redhat 10mo ago A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AA…
CVE-2025-49796 critical 9.1 9.1 FIX arch arch rhel rocky 11mo ago A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input f…
CVE-2025-49794 critical 9.1 9.1 FIX arch arch rhel rocky 11mo ago A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. …
CVE-2025-6170 low 2.5 2.5 FIX arch arch slesdebian debian redhatxmlsoft 1y ago A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, …
CVE-2024-50044 low 3.3 3.3 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must ne…
CVE-2024-47685 critical 9.1 9.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending ga…
CVE-2023-4752 low 2.5 FIX rhel sles rocky 1y ago Use After Free in GitHub repository vim/vim prior to 9.0.1858.
CVE-2022-45063 low 2.5 FIX rhel sles rocky 1y ago Low: xterm security update
CVE-2024-38564 low 2.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enf…
CVE-2024-7592 low 2.5 FIX rhel sles rocky 2y ago There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie…
CVE-2024-27043 low 2.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several erro…
CVE-2018-12699 low 2.5 FIX debian debian sles rocky 2y ago RHSA-2024:9689: binutils security update (Low)
CVE-2024-6501 low 2.5 FIX rhel slesdebian debian 2y ago Low: NetworkManager security update
CVE-2024-6126 low 2.5 FIX rheldebian debian sles 2y ago A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.
CVE-2024-5742 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:6986: nano security update (Low)
CVE-2024-5535 critical 9.1 9.1 FIX rhel rocky sles 2y ago RHSA-2025:1673: mysql:8.0 security update (Important)
CVE-2024-4741 low 2.5 FIX rhel sles rocky 2y ago Low: openssl security update
CVE-2024-4603 low 2.5 FIX rhel sles rocky 2y ago Low: openssl security update
CVE-2024-38612 critical 9.8 9.8 FIX rhel slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defin…
CVE-2024-29039 low 2.5 FIX rhel sles rocky 2y ago Low: tpm2-tools security update
CVE-2024-29038 low 2.5 FIX rhel sles rocky 2y ago Low: tpm2-tools security update
CVE-2024-26461 low 2.5 rhel sles rocky 2y ago RHSA-2024:3268: krb5 security update (Low)
CVE-2024-26458 low 2.5 rhel rocky sles 2y ago RHSA-2024:3268: krb5 security update (Low)
CVE-2024-2314 low 2.5 FIX rheldebian debian rocky 2y ago RHSA-2024:8831: bcc security update (Low)
CVE-2024-2313 low 2.5 FIX rheldebian debian rocky 2y ago RHSA-2024:8830: bpftrace security update (Low)
CVE-2021-3903 low 2.5 FIX rhelarch arch sles 2y ago vim is vulnerable to Heap-based Buffer Overflow
CVE-2024-36387 low 2.5 FIX debian debian rhel sles 2y ago Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.
CVE-2024-47175 low 3.5 EXPFIX rhel rockydebian debian 2y ago Low: cups security update
CVE-2024-45492 critical 9.8 9.8 FIX rhel rockydebian debian libexpat_project 2y ago RHSA-2024:6989: expat security update (Moderate)
CVE-2024-45491 critical 9.8 9.8 FIX rhel rockydebian debian libexpat_project 2y ago RHSA-2024:8859: xmlrpc-c security update (Moderate)
CVE-2024-37371 critical 9.1 9.1 FIX rhelarch arch rocky mit 2y ago RHSA-2025:1673: mysql:8.0 security update (Important)
CVE-2024-35845 critical 9.1 9.1 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is…
CVE-2024-3596 critical 9.0 9.0 FIX rhel rockydebian debian freeradiusbroadcom 2y ago RHSA-2024:8860: krb5 security update (Important)
CVE-2024-4418 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:4351: virt:rhel and virt-devel:rhel security and bug fix update (Low)
CVE-2024-35960 critical 9.1 9.1 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, add_rule_fg would only add newly created rules from the handle int…
CVE-2023-2953 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2024:4264: openldap security update (Low)
CVE-2024-5629 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2025:8419: python36:3.6 security update (Low)
CVE-2020-21710 low 2.5 FIX slesdebian debian rocky 2y ago RHSA-2024:2966: ghostscript security update (Low)
CVE-2024-35176 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2024:5338: pcs security update (Low)
CVE-2024-25629 low 2.5 FIX rheldebian debian rocky 2y ago RHSA-2024:4249: c-ares security update (Low)
CVE-2023-6918 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:3233: libssh security update (Low)
CVE-2023-6004 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:3233: libssh security update (Low)
CVE-2023-52620 low 2.5 2.5 FIX rhel rocky sles 2y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.
CVE-2023-3817 low 2.5 FIX rocky rhel sles 2y ago RHSA-2023:7877: openssl security update (Low)
CVE-2023-3446 low 2.5 FIX rocky rhel sles 2y ago RHSA-2024:0888: edk2 security update (Low)
CVE-2023-32636 low 2.5 FIX rhel slesdebian debian 2y ago Low: mingw-glib2 security update
CVE-2023-2975 low 2.5 FIX rhel slesdebian debian 2y ago Low: openssl and openssl-fips-provider security update
CVE-2023-1729 low 2.5 FIX rhel slesdebian debian 2y ago Low: LibRaw security update
CVE-2022-48554 low 2.5 FIX rheldebian debian rocky 2y ago File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
CVE-2024-3864 low 2.5 FIX rhel rockydebian debian 2y ago Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited…
CVE-2024-3861 low 2.5 FIX rhel rockydebian debian 2y ago If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 11…
CVE-2024-3859 low 2.5 FIX rhel rockydebian debian 2y ago On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox E…
CVE-2024-3857 low 2.5 FIX rhel rockydebian debian 2y ago The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, …
CVE-2024-3854 low 2.5 FIX rhel rockydebian debian 2y ago In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 11…
CVE-2024-3852 low 2.5 FIX rhel rockydebian debian 2y ago GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
CVE-2024-3302 low 2.5 FIX rhel rockydebian debian 2y ago There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firef…
CVE-2024-2609 low 2.5 FIX rhel rockydebian debian 2y ago The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR …
CVE-2024-29944 critical 9.5 FIX rhel rockydebian debian 2y ago An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, …
CVE-2024-2616 critical 9.5 FIX rhel rockydebian debian 2y ago RHSA-2024:1484: firefox security update (Critical)
CVE-2023-3674 low 2.5 FIX rhel rockyalmalinux almalinux 2y ago Low: keylime security update
CVE-2024-2408 low 2.5 FIX rocky slesdebian debian 3y ago RHSA-2023:7877: openssl security update (Low)
CVE-2023-4641 low 2.5 FIX rhel slesdebian debian 3y ago RHSA-2023:7112: shadow-utils security and bug fix update (Low)
CVE-2023-4016 low 2.5 FIX rhel rocky sles 3y ago RHSA-2023:7187: procps-ng security update (Low)
CVE-2023-32665 low 2.5 FIX rhel slesdebian debian 3y ago Low: glib2 security and bug fix update
CVE-2023-32611 low 2.5 FIX rhel slesdebian debian 3y ago Low: glib2 security and bug fix update