Lucene search
K

219786 matches found

CVE
CVE
added 2026/05/06 11:28 a.m.13 views

CVE-2026-43246

The CVE-2026-43246 issue affects the Linux kernel driver media: i2c/tw9906 (tw9906_probe). The root cause is a memory leak where memory allocated for the V4L2 control handler (v4l2_ctrl_handler_init and v4l2_ctrl_new_std) is not freed in an error path, potentially causing resource exhaustion or i...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.33 views

CVE-2026-43246 media: i2c/tw9906: Fix potential memory leak in tw9906_probe()

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906probe In one of the error paths in tw9906probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.30 views

CVE-2026-43231 media: radio-keene: fix memory leak in error path

In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...

0.00128EPSS
Exploits0References8
CVE
CVE
added 2026/05/06 11:28 a.m.14 views

CVE-2026-43231

CVE-2026-43231 : In the Linux kernel, the media: radio-keene driver has a memory-leak in usb_keene_probe() where the v4l2 control handler is not freed if registration fails. The underlying issue is that the v4l2_ctrl_handler is initialized and controls are added, but error paths after v4l2_device...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.6 views

CVE-2026-43231

In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usbkeeneprobe. The v4l2 control handler is initialized and controls are added, but if v4l2deviceregister or videoregisterdevice fails afterward, the handler w...

5.8AI score0.00128EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.7 views

CVE-2026-43218

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903probe In one of the error paths in tw9903probe, the memory allocated in v4l2ctrlhandlerinit and v4l2ctrlnewstd is not freed. Fix that by calling v4l2ctrlhandlerfree on the...

5.8AI score0.00128EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.12 views

CVE-2026-43218

CVE-2026-43218 affects the Linux kernel driver for tw9903 (media: i2c/tw9903) where, in an error path of tw9903_probe(), memory allocated for V4L2 control processing (v4l2_ctrl_handler_init() and v4l2_ctrl_new_std()) is not freed. The fix adds a call to v4l2_ctrl_handler_free() on the handler in ...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.7 views

CVE-2026-43199

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5eipsecinitmacs by replacing mlx5querymacaddress with etheraddrcopy to get the local MAC address directly from...

7.5CVSS5.7AI score0.00441EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.27 views

CVE-2026-43157 octeontx2-af: CGX: fix bitmap leaks

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...

0.00128EPSS
Exploits0References6
CVE
CVE
added 2026/05/06 11:27 a.m.14 views

CVE-2026-43157

Summary: CVE-2026-43157 affects the Linux kernel octeontx2-af CGX driver. The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap, tx_fc_pfvf_bmap) are allocated during cgx_lmac_init() but not freed during cgx_lmac_exit(), enabling a kernel memory leak (kmemleak) when the driver is unbound and rebound. I...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:27 a.m.7 views

CVE-2026-43134

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...

5.8AI score0.00177EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:27 a.m.8 views

CVE-2026-43133

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation Commit cc3ed80ae69f "KVM: nSVM: always use vmcb01 to for vmsave/vmload of guest state" made KVM always use vmcb01 for the fields controlled by VMSAVE/VMLOAD, but it missed...

5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/06 7:40 a.m.31 views

CVE-2026-43099

The CVE-2026-43099 issue affects the Linux kernel, specifically the IPv4/ICMP path and the IPv6 stub handling. When the IPv6 stack is not active (CONFIG_IPV6=m and not loaded), ipv6_dev_find() may return ERR_PTR(-EAFNOSUPPORT); passing that to dev_hold() can cause a null pointer dereference and a...

7.5CVSS5.8AI score0.0049EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.5 views

CVE-2026-43099

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmpbuildprobe ipv6stub-ipv6devfind may return ERRPTR-EAFNOSUPPORT when the IPv6 stack is not active CONFIGIPV6=m and not loaded, and passing this error pointer to devhold will cause a kernel cra...

5.7AI score0.0049EPSS
Exploits0References6Affected Software1
Ubuntu
Ubuntu
added 2026/05/06 5:43 a.m.10 views

USN-8236-1: Slurm vulnerabilities

It was discovered that Slurm did not correctly handle certain file system operations. An attacker could possibly use this issue to modify files or leak sensitive information. This issue only affected Ubuntu 22.04 LTS. CVE-2023-41914 Ryan Hall discovered that Slurm did not correctly enforce certai...

9.8CVSS6AI score0.01375EPSS
Exploits0
Snyk
Snyk
added 2026/05/06 4:12 a.m.9 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GetUserRoles API endpoint. An attacker can access ACL policies for any user across all organizations by supplying specific Name and Org parameters in a network request. Remediatio...

7.7CVSS5.8AI score0.00255EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 2:15 a.m.8 views

CVE-2026-7573 GetUserRoles API endpoint allows any authenticated user to enumerate ACL policies across all organizations

An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...

5CVSS5.8AI score0.00255EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/06 2:15 a.m.5 views

CVE-2026-7573

An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...

5CVSS5.8AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 2:15 a.m.9 views

EUVD-2026-27517

An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...

5CVSS5.8AI score0.00255EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/06 1:43 a.m.10 views

SUSE CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
Rows per page
Query Builder