CVE-2026-13595
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
CVE-2026-53286
A flaw was found in the Linux kernel. Specifically, a double free and use-after-free vulnerability exists in the idpf driver's auxiliary device error paths. This flaw occurs when auxiliary_device_add fails, leading to improper memory handling where memory is freed twice or accessed after being free...
CVE-2026-13595
CVE-2026-13595 affects libblkid in util-linux. During nested partition probing, BSD/Minix/Solaris x86/UnixWare probers cache a parent partition pointer in a dynamically allocated array; on reallocation, the pointer becomes stale, causing a heap use-after-free read. An attacker with access to a cr...
CVE-2026-13595 Util-linux: util-linux: heap use-after-free in libblkid nested partition probing
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
CVE-2026-13539
A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. Such manipulation of the argument Guest_ssid leads to stack-based buffer overflow. The attack can be execut...
EUVD-2026-40045
A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...
CVE-2026-13545 D-Link DCS-935L POST Parameter setconf.cgi sub_400E40 os command injection
A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...
CVE-2026-13539 Wavlink WL-NU516U1-A POST Parameter wireless.cgi sub_407504 stack-based overflow
A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. Such manipulation of the argument Guest_ssid leads to stack-based buffer overflow. The attack can be execut...
CVE-2026-13539
The CVE concerns Wavlink WL-NU516U1-A M16U1_V240425. The vulnerable component is the POST Parameter Handler in /cgi-bin/wireless.cgi, specifically function sub_407504, where manipulation of Guest_ssid causes a stack-based buffer overflow. This can be triggered remotely; exploitation is publicly a...
CVE-2026-13538
The CVE concerns Wavlink WL-NU516U1-A (M16U1_V240425) with a vulnerability in /cgi-bin/wireless.cgi, function sub_401D68, within the POST Parameter Handler. Manipulating arguments SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 leads to command injection. Remote exploitation is possible, and an exploit has ...
CVE-2026-13538 Wavlink WL-NU516U1-A POST Parameter wireless.cgi sub_401D68 command injection
A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425. The affected element is the function sub_401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...
PT-2026-53315
Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N version v14. Description: An authenticated stack-based buffer overflow occurs in the web management interface. A remote authenticated attacker can send crafted HTTP requests to the embedded web server, causing a stack buffer to...
CVE-2026-13514 Chess Play and Learn App com.chess AndroidManifest.xml backup
A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...
SUSE CVE-2026-53280
In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group->domain dereference in pci_dev_reset_iommu_done Local sashiko review pointed it out that group->domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...
SUSE CVE-2026-53283
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookup_amd_iommu iommu_device_register walks every device on the PCI bus via bus_for_each_dev and calls amd_iommu_probe_device for each. The inlined check_device path computes the device's sbdf, calls...
SUSE CVE-2026-53286
In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliary_device_add fails in idpf_plug_vport_aux_dev or idpf_plug_core_aux_dev, the err_aux_dev_add label calls auxiliary_device_uninit and falls through to err_aux_dev_init...
SUSE CVE-2026-53290
In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drm_dev_put called before stream disable in close In xe_eu_stall_stream_close, drm_dev_put is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...
SUSE CVE-2026-53296
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...
SUSE CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter def_reserved_size defines the default buffer size reserved for each Sg_fd and should be restricted to a range between 0 and 1,048,576 see...