CVE-2026-23365
In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints. The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...
CVE-2026-23362
In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcm_op runtime updates. Commit c2aba69d0c36 ("can: bcm: add locking for bcm_op runtime updates") added a locking for some variables that can be modified at runtime when updating the sending bcm_op with a new...
CVE-2026-23346
In the Linux kernel, the following vulnerability has been resolved: arm64: io: Extract user memory type in ioremap_prot. The only caller of ioremap_prot outside of the generic ioremap implementation is generic_access_phys, which passes a 'pgprot_t' value determined from the user mapping of the target...
CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu. l3mdev_master_dev_rcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6_rt_pcpu_alloc -...
CVE-2026-3119
Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key declared in the named configuration. This issue affects BIND 9 versions 9.20....
opencryptoki security update
3.22.0-3.2 - Resolves: RHEL-144817, CVE-2026-23893 Privilege Escalation or Data Exposure via Symlink Following...
GHSA-RJCW-VG7J-M9RC vulnerabilities
Vulnerabilities for packages: k9s, xeol, zarf, wolfictl, guac, kubescape, kubescape-operator...
CVE-2026-33320 vulnerabilities
Vulnerabilities for packages: vale...
GHSA-HWQM-QVJ9-4JR2 vulnerabilities
Vulnerabilities for packages: teleport, neuvector, neuvector-fips, teleport-operator-fips...
CVE-2025-63261
AWStats 8.0 is vulnerable to Command Injection via the open function...
GHSA-F269-VFMQ-VJVJ vulnerabilities
Vulnerabilities for packages: langfuse, librechat, langfuse-fips, pelias-api, renovate, jitsucom-jitsu, code-server, kibana...
GHSA-PHC3-FGPG-7M6H vulnerabilities
Vulnerabilities for packages: librechat, pelias-api, renovate, jitsucom-jitsu, code-server, kibana...
CVE-2026-29085 vulnerabilities
Vulnerabilities for packages: librechat, opensearch-dashboards, opensearch-dashboards-fips, kibana...
CVE-2006-10003
XML::Parser versions through 2.47 for Perl have an off-by-one heap buffer overflow in st_serial_stack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
SiYuan has an Incomplete Fix for IsSensitivePath Denylist Allows File Read from /opt, /usr, /home (GHSA-h5vh-m7fg-w5h6 Bypass)
Summary: The IsSensitivePath function in kernel/util/path.go uses a denylist approach that was recently expanded (GHSA-h5vh-m7fg-w5h6, commit 9914fd1) but remains incomplete. Multiple security-relevant Linux directories are not blocked, including /opt (application data), /usr (local configs/binaries),...
CVE-2026-23247
In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset. This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets"). tcp_tw_recycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...
CVE-2025-69534 vulnerabilities
Vulnerabilities for packages: superset...
GHSA-5WMX-573V-2QWQ vulnerabilities
Vulnerabilities for packages: superset...
CVE-2026-3312
Unknown description...
CVE-2026-4359
A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver...