324 matches found
CVE-2026-43174
The CVE-2026-43174 issue is in the Linux kernel’s io_uring/zcrx subsystem. Descriptions across multiple sources state that post-open error handling was fixed to avoid releasing the zcrx context before all associated page pools are terminated, addressing improper resource cleanup. The practical im...
CVE-2026-43174 io_uring/zcrx: fix post open error handling
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly...
PT-2026-37514
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the io uring/zcrx component where closing a queue does not guarantee the immediate termination of all associated page pools. The system incorrectly releases the zcrx...
CVE-2026-6911
Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the functions lan966xfdmarxalloc and lan966xfdmainit. These functions do not properly destroy the...
SUSE CVE-2026-32281
Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
SUSE CVE-2026-33810
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
CVE-2026-33810
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the...
CVE-2026-31063
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
PT-2026-31062
Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description Validating certificate chains using policies can be unexpectedly inefficient when certificates in the chain contain a large number of policy mappings, potentially leading to denial of service. This impacts the...
EUVD-2026-19261
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-31063
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
UTT HiPER 1200GW 安全漏洞
UTT HiPER 1200GW is a wireless gateway device developed by UTT Corporation. The UTT HiPER 1200GW v2.5.3-170306 version contains a security vulnerability. This vulnerability stems from a buffer overflow in the pools parameter of the formArpBindConfig function, which may lead to a denial-of-service...
CVE-2026-31063
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-31063
CVE-2026-31063 affects UTT Aggressive HiPER 1200GW v2.5.3-170306. The vulnerability is a buffer overflow in the pools parameter of the formArpBindConfig function, allowing a crafted input to trigger a Denial of Service. Multiple connected sources corroborate the issue across NVD, Red Hat advisori...
PT-2026-30621
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-31063
UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS
IBM SECURITY ADVISORY First Issued: Thu Apr 2 15:29:58 CDT 2026 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/postgresadvisory.asc Security Bulletin: Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.6
Red Hat OpenShift Service Mesh 3.1.6 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.1....
IBM Jazz Reporting Service(JRS) 安全漏洞
The IBM Jazz Reporting Service JRS is a ready-to-use reporting component developed by the American multinational company IBM. This product includes functions such as report generation, data collection, and lifecycle queries. There is a security vulnerability in the IBM Jazz Reporting Service, whi...