UBUNTU-CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

PT-2026-43696

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

Linux Distros Unpatched Vulnerability : CVE-2026-23009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has ...

EUVD-2021-34746

Hasura GraphQL 1.3.3 contains a denial of service vulnerability that allows attackers to overwhelm the service by crafting malicious GraphQL queries with excessive nested fields. Attackers can send repeated requests with extremely long query strings and multiple threads to consume server resource...

OESA-2025-2757 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious...

EUVD-2024-51824

Malicious code in bioql PyPI...

CVE-2024-53153 PCI: qcom-ep: Move controller cleanups to qcom_pcie_perst_deassert()

In the Linux kernel, the following vulnerability has been resolved: PCI: qcom-ep: Move controller cleanups to qcompcieperstdeassert Currently, the endpoint cleanup function dwpcieepcleanup and EPF deinit notify function pciepcdeinitnotify are called during the execution of qcompcieperstassert i.e...

CVE-2024-53152 PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()

In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Move controller cleanups to pexepeventpexrstdeassert Currently, the endpoint cleanup function dwpcieepcleanup and EPF deinit notify function pciepcdeinitnotify are called during the execution of...

CVE-2024-53152

CVE-2024-53152 is a Linux kernel vulnerability affecting Tegra194 PCIe endpoints. The issue: when PERST# is asserted and refclk is disabled, endpoint cleanup paths (dw_pcie_ep_cleanup and pci_epc_deinit_notify) access hardware registers, crashing the endpoint due to host-required refclk. The fix ...