1272 matches found
CVE-2026-25613
CVE-2026-25613 : MongoDB server vulnerability where an authorized user can disable the server by issuing a query against a collection that contains an invalid compound wildcard index. Root cause described in connected documents is related to incorrect data handling of compound wildcard indexes, e...
CVE-2026-25613 An unsafe cast in the MongoDB query planner can result in a segmentation fault.
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index...
An unsafe cast in the MongoDB query planner can result in a segmentation fault.
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index...
CVE-2026-25139
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. In version 2025.10 and prior, multiple out-of-bounds read allow any unauthenticated user, with ability to send or manipulate input packets, to...
alertwise (=1.0.0), cjkcms-seo (=2.4.0) +18 more potentially affected by CVE-2026-25517 via wagtail (>=6.0.0 <=6.3.1)
wagtail PYPI version =6.0.0, =6.0.0, =2.1.0, =0.1.1, =1.9.0, =2.8.0, =0.0.9, =0.14.0, =0.6.0, =0.7.0 - wagtail-sb-codefield =0.4.0 - wagtail-sb-fontawesome =0.3.0 and more Source cves: CVE-2026-25517 Source advisory: SNYK:PYTHON-WAGTAIL-15189141...
Libgcrypt 1.12.0
Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers AES, DES, Blowfish, CAST5, Twofish, and Arcfour, hash algorithms MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192, MACs HMAC for all hash...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-58063)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-58063 advisory. - CoreDNS is a DNS server that chains plugins. Starting in version 1.2.0 and prior to version...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37858)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37858 advisory. - In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37803)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37803 advisory. - In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue...
kernel: nbd: fix incomplete validation of ioctl arg
A flaw has been found in the Linux kernel’s NBD drivers.The issue stems from incomplete validation of IOCTL arguments passed to the NBD driver. Specifically, oversized or unchecked arguments may lead to a signed integer overflow in blockwritefullpage and misuse of argument values cast to int in...
CVE-2025-71085
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
CVE-2025-71085
The CVE-2025-71085 issue is a Linux kernel vulnerability: an oops/BUG_ON occurs in skb handling within calipso_skbuff_setattr() when headroom grows beyond INT_MAX, due to an implicit cast in __skb_cow() and a delta calculation that can become negative. The root cause is an integer overflow path t...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992780)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992780 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation...
CVE-2023-54238
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...
CVE-2023-54238
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...
UBUNTU-CVE-2023-54238
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...
CVE-2023-54238 mlx5: fix skb leak while fifo resync and push
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...
CVE-2023-54238 mlx5: fix skb leak while fifo resync and push
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...
PT-2025-54067
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to memory management within the mlx5 driver. Specifically, a memory leak occurs during Precision Time Protocol PTP resynchronization operations,...
OSV-2025-989 Bad-cast to UT_hash_bucket' (aka 'struct UT_hash_bucket')password_file__cleanup
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=468922225 Crash type: Bad-cast Crash state: Bad-cast to UThashbucket' aka 'struct UThashbucket'passwordfilecleanup mosquittosecuritycleanupdefault brokerfuzzpasswordfile.cpp...