CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

RedHat Linux•added 2026/06/20 12:28 a.m.•7 views

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

A flaw was found in the Linux kernel. A buffer overflow vulnerability exists in the Xen hypervisor driver drivers/xen/sys-hypervisor.c. This flaw occurs because the HYPERVISORxenversionXENVERbuildid function returns a build ID that is not properly null-terminated. When the buildidshow function...

7.8CVSS6.1AI score0.00197EPSS

Exploits0References5

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca – fixed an issue where information was leaked when fetching the fw build id. Added missing sanity checks and moved the 255-byte build-id buffer off the stack to prevent the leakage of stack data through debugfs,...

7.1CVSS6.6AI score0.0024EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: procfs: Avoid fetching the build ID while holding the VMA lock. Fix the PROCMAPQUERY to fetch the optional build ID only after releasing the mmaplock or the per-VMA lock, whichever was used to lock the VMA, to prevent deadlock...

5.5CVSS5.8AI score0.0009EPSS

Exploits0References1

RedHat Linux•added 2026/06/16 7:17 p.m.•7 views

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

7.8CVSS5.7AI score0.00197EPSS

Exploits0References5

RedHat Linux•added 2026/06/16 6:39 p.m.•6 views

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

7.8CVSS5.7AI score0.00197EPSS

Exploits0References5

Vulnrichment•added 2026/05/13 4:48 p.m.•9 views

CVE-2026-44573 Next.js: Middleware / Proxy bypass in Pages Router applications using i18n

Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, Applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to protected page data through locale-less...

7.5CVSS5.8AI score0.00351EPSS

Exploits1References1

SUSE CVE•added 2026/05/07 2:17 a.m.•6 views

SUSE CVE-2026-43178

In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput in doprocmapquery When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocke...

7.8CVSS5.8AI score0.00138EPSS

Exploits0References3

EUVD•added 2026/05/06 12:30 p.m.•7 views

EUVD-2026-27738

5.8AI score0.00138EPSS

Exploits0References5

CVE•added 2026/05/06 11:27 a.m.•15 views

CVE-2026-43178

In the Linux kernel, the procfs component has a vulnerability in do_procmap_query() that can trigger a double mmput() of an mm_struct when a user passes an incorrectly sized buffer for PROCMAP_QUERY's build ID. The root cause is a change that defers cleanup after unlocking mmap_lock and per-VMA, ...

7.8CVSS5.8AI score0.00138EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/05/06 12:0 a.m.•7 views

PT-2026-37518

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the procfs component within the do procmap query function. When a user provides an incorrectly sized buffer for the build ID during a PROCMAP QUERY, the system returns a...

7.8CVSS5.8AI score0.00138EPSS

Exploits0References6

RedhatCVE•added 2026/05/01 2:40 p.m.•5 views

CVE-2026-31786

7.8CVSS6AI score0.00197EPSS

Exploits0References4

OSV•added 2026/04/30 11:16 a.m.•1 views

ALPINE-CVE-2026-31786

In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISORxenversionXENVERbuildid is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildidshow will read and copy ti...

7.8CVSS6AI score0.00197EPSS

Exploits0References1

Cvelist•added 2026/04/30 10:31 a.m.•28 views

CVE-2026-31786 Buffer overflow in drivers/xen/sys-hypervisor.c

7.8CVSS0.00197EPSS

Exploits0References8

ATTACKERKB•added 2026/04/30 10:31 a.m.•2 views

CVE-2026-31786

7.8CVSS5.9AI score0.00197EPSS

Exploits0References9Affected Software1

CVE•added 2026/04/30 10:31 a.m.•36 views

CVE-2026-31786

The CVE-2026-31786 issue affects the Linux kernel in drivers/xen/sys-hypervisor.c, where HYPERVISOR_xen_version(XENVER_build_id) returned a build_id that is not NUL-terminated, causing a buffer overflow via sprintf in buildid_show. The root cause is that the build_id was not treated as a proper s...

7.8CVSS5.8AI score0.00197EPSS

Exploits0References10Affected Software1

Debian CVE•added 2026/04/30 10:31 a.m.•5 views

CVE-2026-31786

7.8CVSS5.7AI score0.00197EPSS

Exploits0

SUSE CVE•added 2026/02/16 12:25 a.m.•6 views

SUSE CVE-2026-23199

In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...

5.5CVSS5.2AI score0.0009EPSS

Exploits0References3