Lucene search
+L

188 matches found

Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-58102 Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

0.00222EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53199

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hvnetvsc: use kmaplocalpage in netvsccopytosendbuf netvsccopytosendbuf copies page buffer entries into the VMBus send buffer using phystovirt on the entry PFN...

7.5CVSS6.2AI score0.0053EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:16 a.m.6 views

hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf

...

7.5CVSS5.8AI score0.0053EPSS
Exploits0
CVE
CVE
added 2026/06/26 11:0 p.m.15 views

CVE-2026-56414

The CVE-2026-56414 entry concerns H.View IP cameras (HV-500S6) with certificate-related upload interfaces. Authenticated users can store arbitrary file content to fixed, persistent filesystem locations without validation of file type, structure, or size. The described design omission enables plac...

8.6CVSS5.9AI score0.004EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/26 11:0 p.m.30 views

CVE-2026-56414 H.VIEW HV-500S6 IP Camera Unrestricted Upload of File with Dangerous Type

A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixed, persistent filesystem locations without validating file type, structure, or size. This design omission enables the placement of unexpected or...

8.6CVSS0.004EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/26 10:58 p.m.30 views

CVE-2026-55975 H.VIEW HV-500S6 IP Camera OS Command Injection

A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...

8.6CVSS0.00653EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 10:58 p.m.18 views

CVE-2026-55975

CVE-2026-55975 affects H.View IP cameras (e.g., HV-500S6) where an authenticated user can supply unsanitized XML to the device’s certificate generation interface. The input is incorporated into a backend certificate creation command without proper validation, enabling command execution with eleva...

8.6CVSS5.9AI score0.00653EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53199

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: use kmaplocalpage in netvsccopytosendbuf netvsccopytosendbuf copies page buffer entries into the VMBus send buffer using phystovirt on the entry PFN. Entries for the RNDIS header and the skb linear data come from...

7.5CVSS0.0053EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53199

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: use kmaplocalpage in netvsccopytosendbuf netvsccopytosendbuf copies page buffer entries into the VMBus send buffer using phystovirt on the entry PFN. Entries for the RNDIS header and the skb linear data come from...

7.5CVSS5.9AI score0.0053EPSS
Exploits0
OSV
OSV
added 2026/06/04 10:22 a.m.7 views

MINI-J73M-3PJR-24HV

Bulletin has no description...

9.1CVSS5.7AI score0.0036EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/03 11:40 a.m.12 views

CVE-2026-9334

A flaw was found in perl-Cpanel-JSON-XS. This vulnerability allows a remote attacker to cause a denial of service DoS by providing specially crafted JSON input with duplicate object keys. When the dupkeysasarrayref option is enabled, the decodehv function incorrectly processes the input, leading ...

7.3CVSS5.8AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init...

5.5CVSS6.1AI score0.00266EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fixed stack handling in idlekvmstartguest In commit 10d91611f426 “powerpc/64s: Reimplemented the book3s idle code in C”, kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the...

7.1CVSS5.4AI score0.00224EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Do not free decrypted memory. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the memory being retained. Callers must take care to...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: A memory leak has been fixed in error handling paths. If the vmbusestablishgpadl function fails, the recv|sendgpadl functions will not be updated, and the hvuiocleanup function in the error handling path will not be...

5.5CVSS6AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HV: hvballoon: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must have had dput called upon it; otherwise, a memory leak would occur over time. To simplify things, simply call...

5.5CVSS5.5AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Another memory leak has been fixed in the error handling paths. The memory allocated by vmbusallocring at the beginning of the probe function is never freed during the error handling process. The missing vmbusfreeri...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/09 2:10 a.m.10 views

CVE-2026-43475

A flaw was found in the Linux kernel's hvstorvsc component. When the kernel is configured with PREEMPTRT Real-Time Preemption and running on a Hyper-V virtual machine, a local process performing specific I/O operations can trigger a concurrency issue. This can lead to a system lock-up or crash,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
OSV
OSV
added 2026/05/06 7:40 a.m.2 views

CVE-2026-43094 ixgbevf: add missing negotiate_features op to Hyper-V ops table

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: add missing negotiatefeatures op to Hyper-V ops table Commit a7075f501bd3 "ixgbevf: fix mailbox API compatibility by negotiating supported features" added the .negotiatefeatures callback to ixgbemacoperations and populat...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.8 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013712 advisory. In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by...

5.6AI score0.00207EPSS
Exploits0References4
Rows per page
Query Builder