2986 matches found
2026-04 .NET 10.0.7 Security Update for x64 Server (KB5091596)
2026-04 .NET 10.0.7 Security Update for x64 Server KB5091596...
PT-2026-33096
Name of the Vulnerable Software and Affected Versions RightFax versions prior to 25.4 Description An issue involving the deserialization of untrusted data allows for Object Injection. This flaw can lead to remote code execution without requiring authentication. Recommendations Update to version...
SUSE CVE-2026-35186
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally i...
2026-04 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5082200)
2026-04 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems KB5082200...
2026-04 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5082198)
2026-04 Cumulative Update for Windows 10 Version 1607 for x64-based Systems KB5082198...
2026-04 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 for x64 (KB5082411)
2026-04 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 for x64 KB5082411...
Microsoft Windows UPnP 访问控制错误漏洞
Microsoft Windows UPnP is a device proxy provided by Microsoft Corporation. It serves as a proxy that allows Windows network connections to recognize the IP address of ZoneDirector. Microsoft Windows UPnP has a vulnerability related to access control. Attackers can exploit this vulnerability to...
Microsoft Windows Remote Desktop Licensing Service 访问控制错误漏洞
The Microsoft Windows Remote Desktop Licensing Service is a service provided by Microsoft that manages and verifies licenses for remote desktop connections. There is an access control vulnerability in the Microsoft Windows Remote Desktop Licensing Service. Attackers can exploit this vulnerability...
SUSE CVE-2026-31423
In the Linux kernel, the following vulnerability has been resolved: net/sched: schhfsc: fix divide-by-zero in rtscmin m2sm converts a u32 slope to a u64 scaled value. For large inputs e.g. m1=4000000000, the result can reach 2^32. rtscmin stores the difference of two such u64 values in a u32...
CVE-2026-31423
In the Linux kernel, the following vulnerability has been resolved: net/sched: schhfsc: fix divide-by-zero in rtscmin m2sm converts a u32 slope to a u64 scaled value. For large inputs e.g. m1=4000000000, the result can reach 2^32. rtscmin stores the difference of two such u64 values in a u32...
CVE-2026-31423
In the Linux kernel, the following vulnerability has been resolved: net/sched: schhfsc: fix divide-by-zero in rtscmin m2sm converts a u32 slope to a u64 scaled value. For large inputs e.g. m1=4000000000, the result can reach 2^32. rtscmin stores the difference of two such u64 values in a u32...
CVE-2026-31423
The CVE-2026-31423 issue affects the Linux kernel’s net/sched sch_hfsc; rtsc_min() can divide by a value derived from the difference of large u64 slopes, risking a divide-by-zero when the difference equals 2^32. The fix widens the internal counter to u64 and replaces do_div() with div64_u64() to ...
CVE-2026-31423 net/sched: sch_hfsc: fix divide-by-zero in rtsc_min()
In the Linux kernel, the following vulnerability has been resolved: net/sched: schhfsc: fix divide-by-zero in rtscmin m2sm converts a u32 slope to a u64 scaled value. For large inputs e.g. m1=4000000000, the result can reach 2^32. rtscmin stores the difference of two such u64 values in a u32...
Linux Distros Unpatched Vulnerability : CVE-2026-31423
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: schhfsc: fix divide-by-zero in rtscmin m2sm converts a u32 slope to a u64 scaled value. For large inputs e.g. m1=4000000000, the result can reach 2^3...
PT-2026-32349
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A divide-by-zero error exists in the rtsc min function within the concave-curve intersection path. The m2sm function converts a u32 slope to a u64 scaled value; for large inputs, this...
CVE-2026-34945
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...
CVE-2026-34971
Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...
CVE-2026-34971 Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift
Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...
CVE-2026-34945 Wasmtime leaks host data with 64-bit tables and Winch
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...
RUSTSEC-2026-0086 Host data leakage with 64-bit tables and Winch
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946 For more information see the GitHub-hosted security advisory...