CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9048 matches found

UbuntuCve•added 2026/01/25 3:15 p.m.•5 views

CVE-2026-22998

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

7.5CVSS6.4AI score0.0071EPSS

Exploits0References24

OSV•added 2026/01/25 2:36 p.m.•4 views

CVE-2026-23009 xhci: sideband: don't dereference freed ring when removing sideband endpoint

In the Linux kernel, the following vulnerability has been resolved: xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has a valid transfer ring. Lianqin reported a crash during suspend/wake-u...

5.5CVSS5.2AI score0.00135EPSS

Exploits0References5

Cvelist•added 2026/01/25 2:36 p.m.•35 views

CVE-2026-23007 block: zero non-PI portion of auto integrity buffer

In the Linux kernel, the following vulnerability has been resolved: block: zero non-PI portion of auto integrity buffer The auto-generated integrity buffer for writes needs to be fully initialized before being passed to the underlying block device, otherwise the uninitialized memory can be read...

0.00135EPSS

Exploits0References2

OSV•added 2026/01/25 2:36 p.m.•7 views

CVE-2026-22998 nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

7.5CVSS5.3AI score0.0071EPSS

Exploits0References10

NVD•added 2026/01/23 4:15 p.m.•7 views

CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...

4.7CVSS0.00087EPSS

Exploits0References3

UbuntuCve•added 2026/01/23 4:15 p.m.•3 views

CVE-2026-22986

4.7CVSS5.8AI score0.00087EPSS

Exploits0References4

OSV•added 2026/01/23 4:15 p.m.•5 views

UBUNTU-CVE-2026-22986

4.7CVSS5.7AI score0.00087EPSS

Exploits0References5

OSV•added 2026/01/23 4:15 p.m.•3 views

UBUNTU-CVE-2026-22988

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume devhardheader does not change skb-head arpcreate is the only devhardheader caller making assumption about skb-head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after...

7.8CVSS5.7AI score0.00123EPSS

Exploits0References10

Cvelist•added 2026/01/23 3:24 p.m.•29 views

CVE-2026-22988 arp: do not assume dev_hard_header() does not change skb->head

7.8CVSS0.00123EPSS

Exploits0References7

ATTACKERKB•added 2026/01/23 3:24 p.m.•4 views

CVE-2026-22988

5.7AI score0.00123EPSS

Exploits0References8Affected Software1

ATTACKERKB•added 2026/01/23 3:24 p.m.•5 views

CVE-2026-22986

5.7AI score0.00087EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/01/23 3:24 p.m.•31 views

CVE-2026-22986 gpiolib: fix race condition for gdev->srcu

0.00087EPSS

Exploits0References3

OSV•added 2026/01/23 3:24 p.m.•4 views

CVE-2026-22986 gpiolib: fix race condition for gdev->srcu

4.7CVSS5.4AI score0.00087EPSS

Exploits0References5

CVE•added 2026/01/23 3:24 p.m.•30 views

CVE-2026-22981

CVE-2026-22981 pertains to the Linux kernel driver for IDPF (Intel Ethernet 800/900-series? context in the doc refers to idpf) where, during reset handling, netdev interfaces are detached/closed to protect the reset path. The vulnerability description states that if reset handling succeeds, netde...

5.5CVSS5.3AI score0.00115EPSS

Exploits0References3Affected Software1

UbuntuCve•added 2026/01/23 3:16 p.m.•1 views

CVE-2025-71156

In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automatically enabled immediately upon request. This allows interrupt to fire before the associated NAPI context is fully initialized and cause...

7.8CVSS6.2AI score0.00119EPSS

Exploits0References11

SUSE Linux•added 2026/01/23 3:8 p.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39977...

8.5CVSS8.1AI score0.00544EPSS

Exploits2References1726

ATTACKERKB•added 2026/01/23 2:25 p.m.•3 views

CVE-2025-71156

5.2AI score0.00119EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/01/23 2:25 p.m.•26 views

CVE-2025-71156 gve: defer interrupt enabling until NAPI registration

0.00119EPSS

Exploits0References3

Tenable Nessus•added 2026/01/23 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automaticall...

7.8CVSS6AI score0.00119EPSS

Exploits0References3

Tenable Nessus•added 2026/01/23 12:0 a.m.•3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004849)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004849 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fwlevel Though...

5.5CVSS5.3AI score0.00181EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by