CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

SUSE CVE-2025-68241

In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmission path calls: sittunnelxmit - updateorcreatefnhe, which lead to fnheremoveoldest being called to delete entries exceeding...

CVE-2023-53562 drm/msm: fix vram leak on bind errors

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix vram leak on bind errors Make sure to release the VRAM buffer also in a case a subcomponent fails to bind. Patchwork: https://patchwork.freedesktop.org/patch/525094/...

EUVD-2023-32695

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-38570

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: unlink NAPIs from queues on error to open CI hit a UaF in fbnic in the AFXDP portion of the queues.py test. The UaF is in the skmarknapiidonce call in xskbind, NAPI has been freed. Looks like the device failed to open...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

CVE-2024-57926

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private-alldrmprivatei-drm to NULL if mtkdrmbind returns err The pointer need to be set to NULL, otherwise KASAN complains about use-after-free. Because in mtkdrmbind, all private's drm are set as follows...

SUSE CVE-2010-2954

The irdabind function in net/irda/afirda.c in the Linux kernel before 2.6.36-rc3-next-20100901 does not properly handle failure of the irdaopentsap function, which allows local users to cause a denial of service NULL pointer dereference and panic and possibly have unspecified other impact via...

SUSE CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

UBUNTU-CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

Binding the certificate gives error "certificate is not a server certificate"

While binding the certificate you might get theerror "certificate is not a server certificate"...

Error: "32 authentication policies are already bound" While Binding Authentication Policy

When multiple policies two-factor are used for one virtual server with the total number of policies exceeding 32, there will be error message popping up "32 authentication policies are already bound"...

Microsoft Edge Charka Failed Re-Parse

Microsoft Edge: Chakra: InterpreterStackFrame::ProcessLinkFailedAsmJsModule incorrectly re-parses CVE-2017-8645 When Chakra fails to link an asmjs module, it tries to re-parse the failed-to-link asmjs function to treat it as a normal javascript function. But it incorrectly handles the case where...

Google Chrome Cross-Site Scripting Vulnerability (CNVD-2016-02450)

Google Chrome is a web browser developed by the American company Google Google. A cross-site scripting vulnerability exists in Google Chrome versions prior to 50.0.2661.75, which stems from an error in the extension binding. A remote attacker can exploit this vulnerability to inject arbitrary web...

CVE-2001-1433

Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities...