CVE-2026-46261
A flaw was found in the Linux kernel. A null pointer dereference in the wpcm-fiu Serial Peripheral Interface (SPI) driver, specifically when platform_get_resource_byname() returns a null value, could lead to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service (DoS)...
CVE-2026-46172
A flaw was found in the Linux kernel's IPv6 (Internet Protocol version 6) xfrm6 component. When processing encapsulated IPv6 packets, the xfrm6_rcv_encap() function fails to release a destination (dst) entry reference if an IPv6 route lookup results in an error. A remote attacker could exploit this by...
CVE-2026-44316
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler (HandleCreateSmPolicyRequest) panics with a nil-pointer dereference when a downstream OpenAPI consumer call (UDR lookup) returns 404 Not Found and the...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_read_locked_inode(). In btrfs_read_locked_inode(), if we fail to look up the inode, we jump to the 'out' label with a path that has a read-locked leaf. Then we call iget_failed(). Th...
CVE-2026-45622
Vvveb CMS (version prior to 1.0.8.3) is affected by an unauthenticated reflected XSS in the public product return form. The issue arises from inserting the customer_order_id into the error message without HTML escaping, allowing attacker-controlled HTML/JavaScript to execute in the submitting use...
free5GC's PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference
Summary: free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler (HandleCreateSmPolicyRequest) panics with a nil-pointer dereference when a downstream OpenAPI consumer call (UDR lookup) returns 404 Not Found and the consumer wrapper returns err != nil together with a nil response struct. The...
PT-2026-39246
Name of the Vulnerable Software and Affected Versions: free5GC versions 4.1.0 through 4.2.1. Description: A nil-pointer dereference occurs in the PCF HandleCreateSmPolicyRequest function when a downstream OpenAPI consumer call to the UDR lookup returns a 404 Not Found error. The handler logs the err...
CVE-2026-23464
In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe(). In mpfs_sys_controller_probe(), if of_get_mtd_device_by_node() fails, the function returns immediately without freeing the allocated memory for sys_controller, leading to a memor...
CVE-2026-23317
The CVE-2026-23317 entry describes a Linux kernel vulnerability in drm/vmwgfx, specifically vmw_translate_ptr. The root cause was a previous change where a pointer-returning lookup was replaced by an error-code-returning lookup with the pointer as an out parameter; the error path was not updated,...
OESA-2026-1566 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect...
EUVD-2026-5058
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_read_locked_inode(). In btrfs_read_locked_inode(), if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call iget_failed(). This can result...
PT-2026-5539
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_read_locked_inode(). In btrfs_read_locked_inode(), if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call iget_failed(). This ca...
CVE-2022-50836
The CVE-2022-50836 issue in the Linux kernel’s remoteproc: sysmon subsystem (qcom_add_sysmon_subdev) caused a memory leak. Root cause: kfree() was not invoked when of_irq_get_byname() or devm_request_threaded_irq() failed, leading to leaked memory. The fix adds a kfree() path to ensure proper cle...
CVE-2022-50755 udf: Avoid double brelse() in udf_rename()
In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse() in udf_rename(). syzbot reported a warning like below [1]: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 __brelse+0x67/0xa0 ... Call Trace: invalidate_bh_lru+0x99/0x150...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a peer lookup failure in monitor mode that could result in an invalid link ID...
SUSE CVE-2023-53700
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286_v4l2_register(). There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak) unreferenced object...
SUSE CVE-2023-53686
In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshake_nl_done_doit(). We should not call trace_handshake_cmd_done_err() if socket lookup has failed. Also we should call trace_handshake_cmd_done_err() before releasing the file, otherwise dereferencing...
CVE-2023-53686
In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshake_nl_done_doit(). We should not call trace_handshake_cmd_done_err() if socket lookup has failed. Also we should call trace_handshake_cmd_done_err() before releasing the file, otherwise dereferencing...
EUVD-2025-32731
In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshake_nl_done_doit(). We should not call trace_handshake_cmd_done_err() if socket lookup has failed. Also we should call trace_handshake_cmd_done_err() before releasing the file, otherwise dereferencing...
CVE-2023-53686 net/handshake: fix null-ptr-deref in handshake_nl_done_doit()
In the Linux kernel, the following vulnerability has been resolved: net/handshake: fix null-ptr-deref in handshake_nl_done_doit(). We should not call trace_handshake_cmd_done_err() if socket lookup has failed. Also we should call trace_handshake_cmd_done_err() before releasing the file, otherwise dereferencing...