CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 5 days ago•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: The risk of out-of-memory access has been prevented. The dvbdev module contains a static variable used to store dvb minors. Its behavior depends on whether CONFIGDVBDYNAMICMINORS is set or not. When it is not set,...

5.5CVSS6.1AI score0.00272EPSS

AstraLinux•added 5 days ago•5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The denominator pbndiv is checked before being used. WHAT & HOW The denominator cannot be 0, and this check is performed before it is used. This fix addresses a Divide-by-zero issue reported by Coverity...

5.5CVSS6.1AI score0.00237EPSS

AstraLinux•added 5 days ago•6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: amphion: Fixed issues related to REVERSEINULL reported by Coverity. Null-checking of a pointor was suggested before dereferencing it...

5.5CVSS5.6AI score0.00185EPSS

Exploits0References1

AstraLinux•added 5 days ago•1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: The denominator “cbppipes” must not be 0; it is checked before being used. WHAT & HOW The denominator cannot be 0, and is checked before being used. This fix addresses two “DIVIDEBYZERO” issues reported by...

5.5CVSS6.2AI score0.00238EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: i40e: Fixed a use-after-free in i40eclientsubtask. Currently, the call to i40eclientdelinstance frees the object pf-cinst. However, pf-cinst-laninfo is accessed after the object is freed. This issue was fixed by adding the...

7.8CVSS6.2AI score0.00239EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mei: fixed potential NULLptr dereferencing issues. If SKB allocation fails, continue instead of using a NULL pointer. Coverity CID: 1497650...

5.5CVSS5.3AI score0.00237EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm: zynqmpdp: Fixed integer overflow in zynqmpdprateget This patch addresses a potential integer overflow in zynqmpdprateget. The issue arises when the expression drmdpbwcodetolinkratedp-test.bwcode 10000 is evaluated using...

5.5CVSS5.6AI score0.00169EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: The value of UnboundedRequestEnabled was checked. The UnboundedRequestEnabled parameter in CalculateSwathAndDETConfigurationparamsst is a pointer i.e., dmlboolt UnboundedRequestEnabled. Therefore, if...

5.5CVSS5.6AI score0.00191EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7921: Resource leaks in mt7921checkoffloadcapability The coverage issue related to resource leaks was fixed. In this case, the variable “fw” goes out of scope, causing the storage it points to to be leaked. This iss...

5.5CVSS5.1AI score0.00125EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•0 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013270 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in skbtstamptx Commit 50749f2dd685 tcp/udp: Fix memleaks of sk and zerocopy skb...

5.6AI score0.00193EPSS

EUVD•added 2026/03/27 3:30 p.m.•2 views

EUVD-2026-16595

Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a...

NVD•added 2026/03/27 3:16 p.m.•5 views

Exploits0References5

CVE-2026-1496

9.3CVSS0.00478EPSS

ATTACKERKB•added 2026/03/27 2:14 p.m.•2 views

CVE-2026-1496

Exploits0References5Affected Software1

Cvelist•added 2026/03/27 2:14 p.m.•23 views

CVE-2026-1496 Coverity CLI Authentication Bypass

9.3CVSS0.00478EPSS

Vulnrichment•added 2026/03/27 2:14 p.m.•3 views

CVE-2026-1496 Coverity CLI Authentication Bypass

CVE•added 2026/03/27 2:14 p.m.•20 views

CVE-2026-1496

Coverity Connect CLI authentication bypass (CVE-2026-1496) affects vulnerable versions of Coverity Connect. The root cause is a missing error handler in the authentication logic for command line tooling, enabling an attacker with access to the /token endpoint to craft a request that bypasses auth...

CNNVD•added 2026/03/27 12:0 a.m.•4 views

Synopsys Coverity Connect 安全漏洞

Synopsys Coverity Connect is a web-based platform provided by Synopsys, Inc. It primarily consists of static code analysis tools and dynamic code analysis tools. Synopsys Coverity Connect has security vulnerabilities; one of these vulnerabilities stems from the identity verification logic in the...

9.3CVSS5.9AI score0.00478EPSS