VIR Vulnerability Intelligence Relay

Search

Found 43 results in 325ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-54518 unknown slesdebian debianwindows windows google 20d ago <p>This vulnerability was found and addressed by AMD. We are documenting it in the Security Update Guide to encourage customers to install the May 2026 version of Windows as soon as possible.</p> <p>…
CVE-2026-43487 unknown FIX slesdebian debian google 21d ago In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Disable LPM on ST1000DM010-2EP102 According to a user report, the ST1000DM010-2EP102 has problems with LPM, cau…
CVE-2026-43486 unknown FIX slesdebian debian google 21d ago In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS faults contpte_ptep_set_access_flags() compared the gathered ptep…
CVE-2026-43482 unknown FIX slesdebian debian google 21d ago In the Linux kernel, the following vulnerability has been resolved: sched_ext: Disable preemption between scx_claim_exit() and kicking helper work scx_claim_exit() atomically sets exit_kind, which …
CVE-2026-5588 unknown debian debian sles google 2mo ago Bouncy Castle Crypto Package For Java: Use of a Broken or Risky Cryptographic Algorithm vulnerability in bcpkix modules
CVE-2026-34481 unknown FIX debian debian sles google 2mo ago Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout
CVE-2026-34480 unknown debian debian sles google 2mo ago Apache Log4j Core's XmlLayout https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout , in versions up to and including 2.25.3, fails to sanitize characters forbidden by the XML 1.0 spec…
CVE-2026-34478 unknown FIX debian debian sles google 2mo ago Apache Log4j Core: log injection in `Rfc5424Layout` due to silent configuration incompatibility
CVE-2026-34487 unknown FIX slesdebian debian google 2mo ago Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat…
CVE-2026-29146 unknown FIX slesdebian debian google 2mo ago Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from …
CVE-2026-39883 unknown FIX debian debian google 2mo ago OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command us…
CVE-2026-29181 unknown FIX debian debian google 2mo ago OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.36.0 to 1.40.0, multi-value baggage: header extraction parses each header field-value independently and aggregates members across va…
CVE-2026-33997 unknown FIX debian debian sles google 2mo ago Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. D…
CVE-2026-33871 unknown slesdebian debian google 2mo ago Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass
CVE-2026-33870 unknown slesdebian debian google 2mo ago Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
CVE-2026-24734 unknown FIX slesdebian debian google 4mo ago Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verific…
CVE-2026-24051 unknown FIX debian debian google 4mo ago OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking (Untrusted Search Paths) on macOS/Darwin systems. The re…
CVE-2025-68239 unknown FIX slesdebian debian google 6mo ago In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: restore write access before closing files opened by open_exec() bm_register_write() opens an executable file using o…
CVE-2025-48913 unknown google 10mo ago Apache CXF: Untrusted JMS configuration can lead to RCE
CVE-2024-12798 unknown slesdebian debian google 2y ago QOS.CH logback-core Expression Language Injection vulnerability
CVE-2023-2976 unknown FIX slesdebian debian google 3y ago Guava vulnerable to insecure use of temporary directory
CVE-2020-8908 unknown FIX slesdebian debian google 5y ago Information Disclosure in Guava
CVE-2026-23441 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. T…
CVE-2026-23439 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: udp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n When CONFIG_IPV6 is disabled, the udp_sock_create6() fun…
CVE-2026-23417 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBE_MEM32 stores BPF_ST | BPF_PROBE_MEM32 immediate stores are not handled by bpf_jit_blind_insn…
CVE-2026-23411 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race between freeing data and fs accessing it AppArmor was putting the reference to i_private data on its end after…
CVE-2026-23410 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race on rawdata dereference There is a race condition that leads to a use-after-free situation: because the rawdata…
CVE-2026-23409 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: fix differential encoding verification Differential encoding allows loops to be created if it is abused. To prevent thi…
CVE-2026-23408 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of ns_name in aa_replace_profiles() if ns_name is NULL after 1071 error = aa_unpack(udata, &lh,…
CVE-2026-23407 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: fix missing bounds check on DEFAULT table in verify_dfa() The verify_dfa() function only checks DEFAULT_TABLE bounds wh…
CVE-2026-23406 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in match_char() macro usage The match_char() macro evaluates its character parameter multiple times…
CVE-2026-23405 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the number of policy namespaces is not bounded relying o…
CVE-2026-23404 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: replace recursive profile removal with iterative approach The profile removal code uses recursion when removing nested …
CVE-2026-23403 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verify_header The function sets `*ns = NULL` on every call, leaking the namespace string allocated i…
CVE-2026-23391 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_CT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are…
CVE-2026-23375 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes file_thp_enabled() incorrectly allows THP for files on anonymous inodes (e.g. gue…
CVE-2026-23374 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: blktrace: fix __this_cpu_read/write in preemptible context tracing_record_cmdline() internally uses __this_cpu_read() and __this_…
CVE-2026-23368 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDS_TRIGGER_NETDEV…
CVE-2026-23138 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracin…
CVE-2026-23004 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() syzbot was able to crash the kernel in rt6_uncached_list_flu…
CVE-2025-39764 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation objec…
CVE-2025-22125 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: md/raid1,raid10: don't ignore IO flags If blk-wbt is enabled by default, it's found that raid write performance is quite bad beca…
CVE-2025-21709 unknown FIX slesdebian debian google In the Linux kernel, the following vulnerability has been resolved: kernel: be more careful about dup_mmap() failures and uprobe registering If a memory allocation fails during dup_mmap(), the mapl…