Lucene search
K

9199 matches found

NVD
NVD
added 2026/05/28 10:16 a.m.17 views

CVE-2026-46219

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on unbind The state machine work is scheduled by the interrupt handler and therefore needs to be cancelled after disabling interrupts to avoid a potential use-after-free...

7.8CVSS0.00135EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:41 a.m.52 views

CVE-2026-46241

CVE-2026-46241 concerns the SPI driver for the MPC52xx in the Linux kernel, where a use-after-free can occur if controller registration fails because interrupts are not properly disabled and freed. The issue is resolved by a fix that ensures interrupts are disabled and resources freed on registra...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 9:40 a.m.29 views

CVE-2026-46219

CVE-2026-46219 concerns a use-after-free in the SPI mpc52xx path of the Linux kernel. The description indicates the state machine work is scheduled by the interrupt handler and must be cancelled after interrupts are disabled to avoid use-after-free. Connected OSV entries show patches in rootio-li...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.31 views

CVE-2026-46200 spi: mpc52xx: fix controller deregistration

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix controller deregistration Make sure to deregister the controller before disabling and releasing underlying resources like interrupts and gpios during driver unbind...

0.00127EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/28 4:37 a.m.11 views

CVE-2026-9798

A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...

4.3CVSS5.7AI score0.00206EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.10 views

SUSE CVE-2026-46074

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...

6.1CVSS5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:52 a.m.9 views

SUSE CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/05/28 12:0 a.m.16 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

9.4CVSS5.5AI score0.00514EPSS
Exploits0References40
Oracle linux
Oracle linux
added 2026/05/28 12:0 a.m.21 views

kernel security update

4.18.0-553.126.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

9.4CVSS6.3AI score0.00514EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.7 views

WordPress plugin PeachPay — Payments & Express Checkout for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...

4.3CVSS5.7AI score0.00138EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2026/05/28 12:0 a.m.17 views

firefox security update

140.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.11.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.11.0-1 - Update to 140.11.0 ESR...

9.8CVSS5.8AI score0.00605EPSS
Exploits0
EUVD
EUVD
added 2026/05/27 3:33 p.m.9 views

EUVD-2025-209971

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthorfwunplug This patch removes the MCU halt and wait for halt procedures during panthorfwunplug as the MCU can be in a variety of states or the FW may not even be loaded/initialize...

5.7AI score0.00137EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.10 views

CVE-2026-46074

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...

5.5CVSS0.00119EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.9 views

CVE-2026-46036

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its value, but provides no serialization against concurrent VFIODEVICESETIRQS...

7.8CVSS0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:17 p.m.6 views

UBUNTU-CVE-2026-45977

In the Linux kernel, the following vulnerability has been resolved: fbnic: close fwlog race between users and teardown Fixes a theoretical race on fwlog between the teardown path and fwlog write functions. fwlog is written inside fbnicfwlogwrite and can be reached from the mailbox handler...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/27 12:58 p.m.10 views

CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
CVE
CVE
added 2026/05/27 12:58 p.m.23 views

CVE-2026-46084

CVE-2026-46084 : In the Linux kernel, the mana_ib driver fails to disable vPort RX steering when destroying RSS QP, leaving stale steering that may reference freed RX WQ objects. If traffic continues and a VF is brought up, the firmware can deliver completions using old CQ IDs, causing RX complet...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.6 views

CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

5.7AI score0.00129EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/27 12:58 p.m.14 views

EUVD-2026-32456

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...

5.8AI score0.00119EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.6 views

CVE-2026-46074

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...

5.8AI score0.00119EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder