VIR Vulnerability Intelligence Relay

Search

Found 5,038 results in 630ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-5419 low 3.7 3.7 FIX debian debian sles rhel 3d ago A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive informat…
CVE-2026-46243 high 7.8 7.8 FIX debian debian slesalmalinux almalinux 3d ago RHSA-2026:23259: kernel-rt security update (Important)
CVE-2026-34079 high 8.0 FIX debian debian sles rhel 8d ago Important: flatpak security update
CVE-2026-34078 high 8.0 FIX debian debian sles rhel 8d ago Important: flatpak security update
CVE-2026-23392 high 8.0 FIX sles rheldebian debian 8d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu() after unregistering the hooks from…
CVE-2025-71089 high 8.0 FIX sles rheldebian debian 8d ago In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a f…
CVE-2025-68366 high 8.0 FIX sles rheldebian debian 8d ago In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbd_genl_connect There is one use-after-free warning when running NBD_CMD_CONNECT and NBD_CLEAR_SOCK:…
CVE-2025-68347 high 8.0 FIX slesdebian debianalmalinux almalinux 8d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write mor…
CVE-2025-68183 high 8.0 FIX sles rheldebian debian 8d ago In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA …
CVE-2025-38653 high 8.0 FIX rhel slesdebian debian 8d ago In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al Check pde->proc_ops->proc_lseek directly may ca…
CVE-2026-3012 high 8.0 8.0 FIX slesdebian debian rhel 9d ago Important: samba security update
CVE-2026-8975 high 8.8 8.8 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8974 high 8.8 8.8 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8970 high 8.8 8.8 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8968 high 7.5 7.5 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8962 high 8.1 8.1 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8958 high 8.6 8.6 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8957 high 8.8 8.8 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8955 high 8.8 8.8 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8954 high 7.5 7.5 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8947 high 7.3 7.3 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-8946 high 7.5 7.5 FIX rheldebian debian sles mozilla 9d ago Important: thunderbird security update
CVE-2026-42899 high 7.5 7.5 FIX rhelmacos macos linux-kernel microsoft 9d ago Important: .NET 9.0 security update
CVE-2026-34043 high 8.0 FIX rheldebian debianalmalinux almalinux 9d ago RHSA-2026:21291: .NET 8.0 security update (Important)
CVE-2026-42013 high 8.2 8.2 FIX debian debian sles rhel 9d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-42012 high 7.1 7.1 FIX debian debian rhelwindows windows 9d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-5260 high 8.2 8.2 FIX debian debian sles rhel 9d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-48864 high 7.8 7.8 debian debian sles rhel opensuseredhat 9d ago A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker ca…
CVE-2026-8092 high 8.1 8.1 FIX rheldebian debian sles mozilla 10d ago Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of th…
CVE-2026-8090 high 7.3 7.3 FIX rheldebian debian sles mozilla 10d ago Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2.
CVE-2026-42014 high 8.0 FIX debian debian sles rhel 10d ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-5946 high 7.5 7.5 FIX debian debian sleswindows windows isc 16d ago RHSA-2026:23360: bind9.16 security update (Important)
CVE-2026-3039 high 7.5 7.5 FIX debian debian sleswindows windows isc 16d ago RHSA-2026:23360: bind9.16 security update (Important)
CVE-2026-9064 high 7.5 7.5 debian debian sles rhel redhat 16d ago A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated a…
CVE-2026-46333 high 7.1 7.1 FIX rhel slesdebian debian google 16d ago In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - t…
CVE-2026-46300 high 7.8 8.8 EXPFIX rhel slesdebian debian aws 16d ago In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from…
CVE-2026-43128 high 7.8 7.8 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix double dma_buf_unpin in failure path In ib_umem_dmabuf_get_pinned_with_dma_device(), the call to ib_umem_dmabuf_ma…
CVE-2026-37555 high 7.5 7.5 FIX rheldebian debian sles libsndfile_project 16d ago RHSA-2026:19559: libsndfile security update (Important)
CVE-2026-31532 high 7.8 7.8 FIX rhel slesdebian debian google 16d ago In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but…
CVE-2026-23401 high 8.0 FIX rhel slesdebian debian google 16d ago In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so *after*…
CVE-2026-23204 high 7.1 7.1 FIX rocky rhel sles 16d ago Moderate: kernel security update
CVE-2026-22990 high 8.0 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is (maliciously) corrupted such that the incremen…
CVE-2026-22984 high 8.0 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done() Perform an explicit bounds check on payload_len to avoid a p…
CVE-2025-71116 high 8.0 FIX rhel slesdebian debian 16d ago In the Linux kernel, the following vulnerability has been resolved: libceph: make decode_pool() more resilient against corrupted osdmaps If the osdmap is (maliciously) corrupted such that the encod…
CVE-2025-68741 high 8.0 FIX rhel slesdebian debian 16d ago Important: kernel security update
CVE-2025-39766 high 7.8 7.8 FIX rhel slesdebian debian 16d ago Important: kernel security update
CVE-2026-7323 high 7.3 7.3 FIX rheldebian debianalmalinux almalinux mozilla 17d ago Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
CVE-2026-7322 high 7.3 7.3 FIX rheldebian debianalmalinux almalinux mozilla 17d ago Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have…
CVE-2026-7320 high 7.5 7.5 FIX rheldebian debianalmalinux almalinux mozilla 17d ago Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.…
CVE-2026-5713 high 8.0 FIX rhel slesdebian debian 17d ago Important: python3.14 security update
CVE-2026-4892 high 8.4 8.4 FIX rheldebian debian sles 17d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4890 high 7.5 7.5 FIX rheldebian debian sles 17d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-4519 high 8.0 FIX rocky rheldebian debian 17d ago Important: python3.12 security update
CVE-2026-4224 high 7.5 7.5 FIX rhel slesdebian debian python 17d ago Important: python3.12 security update
CVE-2026-41035 high 7.8 7.8 FIX rhel slesdebian debian samba 17d ago Important: rsync security update
CVE-2026-39373 low 2.5 FIX rhel slesdebian debian 17d ago Low: python-jwcrypto security update
CVE-2026-3644 high 7.5 7.5 FIX rhel slesdebian debian python 17d ago Important: python3.12 security update
CVE-2026-33984 high 8.0 FIX rheldebian debian sles 17d ago RHSA-2026:8945: freerdp security update (Important)
CVE-2026-33983 high 8.0 FIX rheldebian debian sles 17d ago RHSA-2026:8945: freerdp security update (Important)
CVE-2026-33810 high 8.0 FIX rheldebian debian sles 17d ago When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affe…
CVE-2026-32281 high 8.0 FIX rheldebian debian sles google 17d ago Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This on…
CVE-2026-31790 high 7.5 7.5 FIX rhel slesdebian debian opensslgoogle 17d ago Moderate: openssl security update
CVE-2026-3085 high 8.0 FIX rheldebian debian rocky 17d ago GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Int…
CVE-2026-3083 high 8.0 FIX rheldebian debian rocky 17d ago GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interactio…
CVE-2026-3082 high 8.0 FIX rheldebian debian rocky 17d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2923 high 8.0 FIX rheldebian debian rocky 17d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2922 high 8.0 FIX rheldebian debian rocky 17d ago Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update
CVE-2026-2921 high 8.0 FIX rheldebian debian rocky 17d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-2920 high 8.0 FIX rheldebian debian rocky 17d ago RHSA-2026:6750: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update (Important)
CVE-2026-28871 high 8.0 FIX rhel slesdebian debian 17d ago A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website …
CVE-2026-28859 high 8.0 FIX rhel slesdebian debian 17d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may …
CVE-2026-28857 high 8.0 FIX rhel slesdebian debian 17d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may le…
CVE-2026-27137 high 8.0 FIX rheldebian debian sles 17d ago RHSA-2026:23228: image-builder security update (Important)
CVE-2026-24842 high 8.0 FIX rhel slesdebian debian 17d ago Important: linux-sgx security update
CVE-2026-23950 high 8.0 FIX rheldebian debian 17d ago Important: linux-sgx security update
CVE-2026-23745 high 8.0 FIX rhel slesdebian debian 17d ago Important: linux-sgx security update
CVE-2026-23243 high 7.8 7.8 FIX rhel slesdebian debian 17d ago In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD heade…
CVE-2026-23060 high 8.0 FIX rhel slesdebian debian 17d ago Important: kernel security update
CVE-2026-2297 high 8.0 FIX rhel slesdebian debian 17d ago Important: python3.12 security update
CVE-2026-2291 high 7.3 7.3 FIX rheldebian debian sles 17d ago RHSA-2026:20589: dnsmasq security update (Important)
CVE-2026-20691 high 8.0 FIX rhel slesdebian debian 17d ago An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted…
CVE-2026-20676 high 8.0 FIX rhel slesdebian debian 17d ago This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through…
CVE-2026-20665 high 8.0 FIX rhel slesdebian debian 17d ago This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, wat…
CVE-2026-20664 high 8.0 FIX rhel slesdebian debian 17d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may le…
CVE-2026-20652 high 8.0 FIX rhel slesdebian debian 17d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker m…
CVE-2026-20644 high 8.0 FIX rhel slesdebian debian 17d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciou…
CVE-2026-20643 high 8.0 FIX rhel slesdebian debian 17d ago A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 an…
CVE-2026-20636 high 8.0 FIX rhel slesdebian debian 17d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may le…
CVE-2026-20635 high 8.0 FIX rhel slesdebian debian 17d ago The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS …
CVE-2026-20608 high 8.0 FIX rhel slesdebian debian 17d ago This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing mal…
CVE-2026-1502 high 8.0 FIX rhel slesdebian debian 17d ago Important: python3.12 security update
CVE-2026-0968 low 3.1 3.1 FIX rheldebian debian sles libssh 17d ago Moderate: libssh security update
CVE-2026-0966 high 8.2 8.2 FIX rheldebian debian sles libsshredhat 17d ago Moderate: libssh security update
CVE-2026-0965 low 3.3 3.3 FIX rheldebian debian sles libssh 17d ago Moderate: libssh security update
CVE-2026-0672 high 8.0 FIX rhel slesdebian debian 17d ago Important: python3.12 security update
CVE-2025-9615 low 3.3 3.3 FIX rhel slesdebian debian 17d ago Low: NetworkManager security update
CVE-2025-8277 low 3.1 3.1 FIX rheldebian debian sles 17d ago Moderate: libssh security update
CVE-2025-61726 high 8.0 FIX rocky rheldebian debian google 17d ago RHSA-2026:23228: image-builder security update (Important)
CVE-2025-55668 high 8.0 FIX rhel slesdebian debian 17d ago Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Old…
CVE-2025-4878 low 3.6 3.6 FIX rheldebian debian sles 17d ago Moderate: libssh security update