16492 matches found
PYSEC-2026-349 H2O affected by a deserialization vulnerability
A deserialization vulnerability exists in h2oai/h2o-3 versions = 3.46.0.7, allowing attackers to read arbitrary system files and execute arbitrary code. The vulnerability arises from improper handling of JDBC connection parameters, which can be exploited by bypassing regular expression checks and...
CVE-2026-53286
A flaw was found in the Linux kernel. Specifically, a double free and use-after-free vulnerability exists in the idpf driver's auxiliary device error paths. This flaw occurs when auxiliarydeviceadd fails, leading to improper memory handling where memory is freed twice or accessed after being free...
CVE-2026-53294
A flaw was found in the Linux kernel's mailbox subsystem. This vulnerability occurs when the receive RX channel is aliased to the transmit TX channel with a different Memory-Mapped I/O MMIO and is not properly handled during the freeing of channels. This can lead to a double-free condition, which...
CVE-2026-53297
A flaw was found in the Linux kernel's mana network driver. This vulnerability occurs when the manaremove function is invoked a second time without proper checks after a power management PM resume failure and subsequent driver unbinding. A local attacker could exploit this double invocation to...
kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path
A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...
OSV-2026-995 Heap-double-free in dxf_entities_read
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=528859714 Crash type: Heap-double-free Crash state: dxfentitiesread dwgreaddxf llvmfuzz.c...
PT-2026-53706
Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A double free issue, which occurs when the system attempts to free the same memory location twice, was addressed with improved memory...
About the security content of macOS Tahoe 26.5.2
About the security content of macOS Tahoe 26.5.2 This update delivers security fixes that were first made available in the macOS Tahoe 26.6 beta. This document describes the security content of macOS Tahoe 26.5.2. About Apple security updates For our customers' protection, Apple doesn't disclose,...
SUSE CVE-2026-53286
In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...
SUSE CVE-2026-53297
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
Linux Distros Unpatched Vulnerability : CVE-2026-53233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netdev: fix double-free in netdevnlbindrxdoit Sashiko flags that genlmsgreply always consumes the skb. The error path calls nlmsgfreersp so we can't jump direct...
Linux Distros Unpatched Vulnerability : CVE-2026-53294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be...
Linux Distros Unpatched Vulnerability : CVE-2026-53297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the...
Linux Distros Unpatched Vulnerability : CVE-2026-52987
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collecte...
Linux Distros Unpatched Vulnerability : CVE-2026-53198
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on...
Linux Distros Unpatched Vulnerability : CVE-2026-53067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc pciepfallocdoorbell stores the allocated doorbell message array in epf-dbmsg/epf-numdb befo...
EUVD-2026-39485
pnpm: Reserved bin name deletes PNPMHOME during global remove...
CVE-2026-52987
A flaw was found in the Linux kernel. A double free vulnerability exists in the drm/amdgpu component within the userq validate function. This issue arises because the drmexecfini function is called twice on the same execution object, which is not designed to be idempotent. An attacker could...
DEBIAN-CVE-2026-53294
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...
CVE-2026-53294
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...