Lucene search
K

140 matches found

OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-45095

Bulletin has no description...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/07/01 2:16 p.m.4 views

DEBIAN-CVE-2026-53353

In the Linux kernel, the following vulnerability has been resolved: hsr: Remove WARNONCE in hsraddrisself. syzbot reported the warning 0 in hsraddrisself, whose assumption is simply wrong. hsr-selfnode is cleared in hsrdelselfnode, which is called from hsrdellink. Since dev-rtnllinkops-dellink is...

5.7AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 2:16 p.m.2 views

DEBIAN-CVE-2026-53350

In the Linux kernel, the following vulnerability has been resolved: ASoC: wmadsp: Fix NULL dereference when removing firmware controls In wmadspcontrolremove check that the priv pointer is not NULL before attempting to cleanup what it points to. When csdsp creates a control it calls...

5.7AI score0.00161EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 2:16 p.m.2 views

DEBIAN-CVE-2026-53346

In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...

5.7AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 2:16 p.m.2 views

DEBIAN-CVE-2026-53337

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL pointer dereference in bonddoioctl In bonddoioctl, slavedev is obtained via devgetbyname which can return NULL if the requested interface name does not exist. However, the subsequent slavedbg call is placed...

5.7AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2026/06/28 3:16 p.m.6 views

DEBIAN-CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

2CVSS5.2AI score0.00091EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 2:16 p.m.2 views

DEBIAN-CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 1:16 p.m.3 views

DEBIAN-CVE-2026-40208

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.8AI score0.00285EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

DEBIAN-CVE-2026-53266

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

8.8CVSS5.7AI score0.00129EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.4 views

DEBIAN-CVE-2026-53111

In the Linux kernel, the following vulnerability has been resolved: bpf: testrun: Fix the null pointer dereference issue in bpflwtxmitpushencap The bpflwtxmitpushencap helper needs to access skbdstskb-dev to calculate the needed headroom: err = skbcowheadskb, len + LLRESERVEDSPACEskbdstskb-dev; B...

5.6AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.3 views

DEBIAN-CVE-2026-53057

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...

8.8CVSS5.7AI score0.00127EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53043

In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qrnumregions in dlmmatchregions Patch series "ocfs2/dlm: fix two bugs in dlmmatchregions". In dlmmatchregions, the qrnumregions field from a DLMQUERYREGION network message is used to drive loops over the...

9.1CVSS5.8AI score0.00521EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53030

In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers function. Use the freekfree cleanup attribute to automatically free the...

5.6AI score0.00166EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.6 views

DEBIAN-CVE-2026-53001

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict several matches to inet family This is a partial revert of: commit ab4f21e6fb1c "netfilter: xtables: use NFPROTOUNSPEC in more extensions" to allow ipv4 and ipv6 only. - xtmac - xtowner - xtphysdev...

5.7AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

DEBIAN-CVE-2026-52934

In the Linux kernel, the following vulnerability has been resolved: batman-adv: tvlv: reject oversized TVLV packets batadvtvlvcontainerogmappend builds a TVLV packet section from the tvlv.containerlist. The total size of this section is computed by batadvtvlvcontainerlistsize, which sums the size...

8.8CVSS5.6AI score0.00247EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 3:16 p.m.5 views

DEBIAN-CVE-2026-52909

In the Linux kernel, the following vulnerability has been resolved: ip6vti: set netnsimmutable on the fallback device. john1988 and Noam Rathaus reported that vti6initnet does not set the netnsimmutable flag on the per-netns fallback tunnel device ip6vti0. Other similar tunnel drivers like...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References1
OSV
OSV
added 2026/06/17 1:20 p.m.4 views

DEBIAN-CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS5.5AI score0.00189EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 6:16 p.m.15 views

DEBIAN-CVE-2026-44172

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...

9.8CVSS5.5AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 2:47 p.m.7 views

DEBIAN-CVE-2026-47729

Bulletin has no description...

5AI score
Exploits1References1
OSV
OSV
added 2026/06/10 11:16 p.m.8 views

DEBIAN-CVE-2026-46692

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-write in the server process. This issue has been patched in...

4.1CVSS5.5AI score0.00092EPSS
Exploits0References1
Rows per page
Query Builder