Lucene search
+L

397 matches found

Cvelist
Cvelist
added 2026/07/10 5:25 p.m.34 views

CVE-2026-56667 ZITADEL: Stored XSS via Default URI Redirect in Login V2

ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL Login V2 OIDC and SAML FailedPrecondition error paths return loginSettings.defaultRedirectUri to router.push without applying the isSafeRedirectUri check, allowing an organization or instance administrator to store a...

7.3CVSS0.00225EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/07/10 9:24 a.m.6 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31771: Bluetooth: hcievent: move wake reason storage into validated event handlers bsc1264145. CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unrea...

9.3CVSS6.8AI score0.00385EPSS
Exploits17References120
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-53156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlyi...

7.8CVSS6.1AI score0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:17 p.m.9 views

DEBIAN-CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.11 views

CVE-2026-53286

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

7.8CVSS0.00126EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.6 views

UBUNTU-CVE-2026-53313

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...

5.5CVSS5.7AI score0.001EPSS
Exploits0References5
OSV
OSV
added 2026/06/26 7:41 p.m.6 views

CVE-2026-53308 power: supply: max77705: Free allocated workqueue and fix removal order

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 7:40 p.m.9 views

EUVD-2026-39891

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

5.8AI score0.00126EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 7:40 p.m.5 views

CVE-2026-53286 idpf: fix double free and use-after-free in aux device error paths

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/26 2:11 a.m.9 views

SUSE CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:38 a.m.19 views

CVE-2026-53156

The CVE-2026-53156 entry concerns a Linux kernel vmem core use-after-free in error paths. The description specifies that several error paths call __nvmem_device_put() which may free the underlying memory and other resources, and the code may continue to use the nvmem structure. The fix is to ensu...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/25 8:38 a.m.6 views

EUVD-2026-39247

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

5.7AI score0.00125EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.9 views

CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS5.6AI score0.00125EPSS
Exploits0
OSV
OSV
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53156 nvmem: core: fix use-after-free bugs in error paths

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.16 views

PT-2026-52252

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Use-after-free bugs exist in the error paths of the nvmem core. The issue occurs when the nvmem device put function is called, potentially freeing underlying memory and resources, while...

7.8CVSS6AI score0.00125EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-53113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon...

6.1AI score0.00159EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.11 views

CVE-2026-53102

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak after mt76connacmcuallocstareq mt76connacmcuallocstareq allocates an skb which is expected to be freed eventually by mt76mcuskbsendmsg. However, currently if an intermediate function fails before...

0.00156EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53126 blk-cgroup: fix disk reference leak in blkcg_maybe_throttle_current()

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg lookup, or blkgtryget fails, the function jumps to the out label whi...

5.8AI score0.00157EPSS
Exploits0References8
Rows per page
Query Builder