30643 matches found
CVE-2026-5081
Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId added in version 1.54 uses the value of the UNIQUEID environment variable for the session id. The UNIQUEID variable is set by the Apache moduniqueid...
EUVD-2026-27666
In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...
EUVD-2026-27552
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...
CVE-2026-43271
In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...
CVE-2026-43232
In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fstcardinfo is deallocated in fstremoveone. However, the fsttxtask or fstinttask may still be running ...
CVE-2026-5081 Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure
Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId added in version 1.54 uses the value of the UNIQUEID environment variable for the session id. The UNIQUEID variable is set by the Apache moduniqueid...
CVE-2026-43151
In the Linux kernel, the following vulnerability has been resolved: Revert "media: iris: Add sanity check for stop streaming" This reverts commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. Revert the check that skipped stopstreaming when the instance was in IRISINSTERROR, as it caused multiple...
CVE-2026-43271
CVE-2026-43271 involves the Linux kernel md-cluster module where a race during MD array startup can cause a NULL pointer dereference in process_metadata_update when a METADATA_UPDATED message arrives before mddev->thread is initialized. The root cause is the code path that dereferences the thr...
CVE-2026-43271
In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...
CVE-2026-43271 md-cluster: fix NULL pointer dereference in process_metadata_update
In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...
CVE-2026-43271
In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...
CVE-2026-43240 x86/kexec: add a sanity check on previous kernel's ima kexec buffer
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...
CVE-2026-43232
In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fstcardinfo is deallocated in fstremoveone. However, the fsttxtask or fstinttask may still be running ...
CVE-2026-43151
CVE-2026-43151 : Linux kernel issue resolved by reverting the Iris video driver stop streaming sanity check. The revert re-enabled stop_streaming when the IRIS_INST_ERROR path, correcting prior regressions where buffers were not returned to vb2 and teardown could fail, leaving firmware in an inco...
CVE-2026-40001
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...
CVE-2026-40001
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...
CVE-2026-40001
Technical details about CVE-2026-40001 are not publicly available in the provided documents. The two entries describe a local privilege escalation in ZTE PROCESS Guard but do not specify impacted versions, vulnerable components, or fixes. Monitor for updates.
CVE-2026-40001 Local privilege escalation vulnerability in ZTE PROCESS Guard service of the cloud computer client
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...
CVE-2026-40001 Local privilege escalation vulnerability in ZTE PROCESS Guard service of the cloud computer client
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass...
CVE-2026-43102
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airohaqdmarxprocess If an error occurs on the subsequents buffers belonging to the non-linear part of the skb e.g. due to an error in the payload length reported by the NIC or if we consumed all th...