2385 matches found
CVE-2026-9132 Missing authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository contents via the Copilot pull request diff summary endpoint
A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...
postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison
A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...
CVE-2026-53309
A flaw was found in the Linux kernel's OCFS2 Distributed Lock Manager DLM component. An off-by-one error in the dlmmatchregions function's region comparison loop causes it to read beyond the valid memory range of qrregions. This out-of-bounds read could lead to system instability or crashes...
SUSE CVE-2026-53309
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...
Linux Distros Unpatched Vulnerability : CVE-2026-53309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry...
DEBIAN-CVE-2026-53309
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...
CVE-2026-53309
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...
EUVD-2026-39844
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...
CVE-2026-53309 ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...
CVE-2026-53309
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...
CVE-2026-53309
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry past the valid range of qrregions. The other loops in the same functio...
CVE-2026-53309
CVE-2026-53309 relates to the Linux kernel OCFS2 DLM component. A bug in the dlm_match_regions() region comparison used a <= bound, allowing reads beyond the valid range of qr_regions. The fix modifies the loop condition to use
EUVD-2026-39570
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
DEBIAN-CVE-2026-6330
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
CVE-2026-6330
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
CVE-2026-6329 PKCS#12 MAC verification uses attacker-controlled comparison length
PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...
CVE-2026-6330 ML-KEM ARM64 NEON ciphertext comparison only compares half of the input
The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a decapsulating par...
CVE-2026-10097
wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...
EUVD-2026-39553
ML-KEM-1024 x64 AVX2 implicit rejection failure in the Fujisaki-Okamoto transform breaks IND-CCA2 security, allowing decapsulation to deviate from the implicit-rejection behavior required by the standard. The AVX2 constant-time ciphertext comparison used during decapsulation never compared the...
CVE-2026-10097 ML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static private-key recovery
wolfSSL's AVX2-optimized ML-KEM implementation mlkemcmpavx2 compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertexts that differ from the expected re-encryption solely in bytes 1536-1567 bypass implicit rejection and...