5125 matches found
CVE-2026-52954
In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain chooseargs that get decoded in...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations. The internal registration helper function dpllxarefdpll,pinadd has been modified to reject duplicate registration attempts. Previously, if a caller attempted to register the same pin multipl...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Duplicate handshake cancellations cause a socket leak. When a handshake request is cancelled, it is removed from the handshakenet-hnrequests list, but it remains in the handshakerhashtbl until it is destroyed. If a...
Oracle Linux 9 : cockpit (ELSA-2026-21468)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-21468 advisory. 356.2-1.0.1 - Apply the patch for duplicate reference Orabug: 39250109 - Storage: Enable btrfs support Orabug: 37464632 - Replaced upstream urls in documentati...
CVE-2026-56120
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-2026-56784...
EUVD-2026-38369
Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by submitting malformed values, zero, or duplicate headers that result in NaN or falsy values. Remote attackers can manipulate the x-limited-key-id header ...
CVE-2026-8358
A heap-based buffer overflow vulnerability was discovered in LibreOffice Calc's spreadsheet importer. When processing tracked changes from a spreadsheet document, the application fails to properly handle duplicate change identifiers. By reusing the same change identifier for two distinct types of...
Security Bulletin: Vulnerability in Undici affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Undici has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
Linux Distros Unpatched Vulnerability : CVE-2026-54388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content- Length headers with differing values, forwarding all...
Malicious code in @briskforge/envcheck (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09dba573f5d6cb00b09562870f2148b3e539786f5d801f2a263338301d759313 The package advertises itself as a tiny environment-variable validator but ships lib/preflight.js, a heavily obfuscated obfuscator.io string-array...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf bpf: A memory leak was avoided in perfenvinsertbtf. The perfenvinsertbtf function does not insert entries if a duplicate BTF ID is encountered, which can lead to a memory leak. The function should now return a success/err...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-tpo-tpg110: fixed a possible null pointer dereferencing issue. In tpg110getmodes, the return value of drmmodeduplicate is assigned to mode. This could lead to a NULL pointer dereferencing issue if drmmodeduplicate...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Ensure visibility when inserting an element into tracingmap. Running the following two commands in parallel on a multi-processor AArch64 machine may occasionally generate an unexpected warning regarding duplicate...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Properly linking new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when their refcount was 1. On the other hand, createflowhandle attempts to find and...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fixed a possible null pointer dereferencing issue. In radeonfpnativemode, the return value of drmmodeduplicate is assigned to mode, which could lead to a NULL pointer dereferencing issue upon failure of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice. PSP is unregistered twice in the following functions: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow under certain conditions:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fix for duplicate devices in netdev hooks When handling NETDEVREGISTER notifications, duplicate device registrations must be avoided, as the device might have been added by nftnetdevhookalloc during the...
Astra Linux – Vulnerability in pcre2
A out-of-bounds read vulnerability was discovered in the PCRE2 library, specifically in the getrecursedatalength function of the pcre2jitcompile.c file. This issue affects recursions in JIT-compiled regular expressions due to duplicate data transfers...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: md/raid5: Unnecessary bioput calls in raid5readonechunk have been removed. When performing chunk-sized reads on disks with badblocks, it was observed that calls to biofree and bioput were duplicated...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Firmware: armffa: Fixed FFA device names for logical partitions. Each physical partition can provide multiple services, each with a unique UUID. Each such service can be represented as a logical partition with a unique combinatio...