CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8455 matches found

NVD•added 2026/05/27 2:17 p.m.•10 views

CVE-2026-46014

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

5.5CVSS0.00093EPSS

Exploits0References3

NVD•added 2026/05/27 2:17 p.m.•9 views

CVE-2026-45958

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidiconnectionioctl, vidi-ediduser pointer is directly dereferenced in the kernel. This allows arbitrary kernel memory access from the user space, so instead o...

7.1CVSS0.00126EPSS

Exploits0References8

NVD•added 2026/05/27 2:17 p.m.•12 views

CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

4.7CVSS0.00088EPSS

Exploits0References4

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-46053

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...

7.8CVSS5.7AI score0.00129EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•5 views

UBUNTU-CVE-2026-45895

In the Linux kernel, the following vulnerability has been resolved: quota: fix livelock between quotactl and freezesuper When a filesystem is frozen, quotactlblock enters a retry loop waiting for the filesystem to thaw. It acquires sumount, checks the freeze state, drops sumount and uses...

5.7AI score0.002EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•5 views

UBUNTU-CVE-2026-46071

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

5.7AI score0.00166EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•5 views

UBUNTU-CVE-2026-45958

7.1CVSS5.9AI score0.00126EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•5 views

UBUNTU-CVE-2026-46057

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOGSUBDOMAINSOFF inheritance across fork hookcredtransfer only copies the Landlock security blob when the source credential has a domain. This is inconsistent with landlockrestrictself which can set LOGSUBDOMAINSOFF...

3.3CVSS5.7AI score0.00118EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-45949

4.7CVSS5.7AI score0.00088EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•6 views

UBUNTU-CVE-2026-45975

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

5.5CVSS5.7AI score0.00107EPSS

Exploits0References3

NVD•added 2026/05/27 2:16 p.m.•9 views

CVE-2026-45852

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxesrqfrominit In rxesrqfrominit, the queue pointer 'q' is assigned to 'srq-rq.queue' before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free the...

7.8CVSS0.00164EPSS

Exploits0References8

OSV•added 2026/05/27 2:16 p.m.•4 views

UBUNTU-CVE-2026-45852

7.8CVSS5.7AI score0.00164EPSS

Exploits0References3

SUSE CVE•added 2026/05/27 12:57 p.m.•8 views

SUSE CVE-2026-45837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

6.7CVSS5.8AI score0.00156EPSS

Exploits0References4

ATTACKERKB•added 2026/05/27 12:57 p.m.•7 views

CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

5.8AI score0.00176EPSS

Exploits0References9Affected Software1

CVE•added 2026/05/27 12:57 p.m.•20 views

CVE-2026-46064

The CVE-2026-46064 issue affects the Linux kernel’s ibmasm path. The ibmasm_send_i2o_message() helper derives the memcpy_toio() byte count from user-controlled dot_command_header fields (command_size: u8, data_size: u16) via get_dot_command_size(), but does not validate against the actual allocat...

5.8AI score0.00176EPSS

Exploits0References8