421 matches found
CVE-2026-46232
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...
SUSE CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
UBUNTU-CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
EUVD-2026-32433
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
CVE-2026-46051
The CVE-2026-46051 entry concerns the Linux kernel md/raid5 layer. It fixes a soft lockup in retry_aligned_read() when encountering an overlapped stripe. The bug occurs because a stripe released via raid5_release_stripe() enters the released_stripes list, and in the next raid5d loop, release_stri...
CVE-2026-46051 md/raid5: fix soft lockup in retry_aligned_read()
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
PT-2026-43918
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retry aligned read When retry aligned read encounters an overlapped stripe, it releases the stripe via raid5 release stripe which puts it on the lockless released stripes llist. In the next raid5d loo...
CVE-2026-7887 For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status
For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 suspended, banned, terminated employee can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...
CVE-2026-7887 For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status
For Concrete CMS 9.5.0 and below, OAuth 2.0 Authorization-Code Handler Bypasses Account Status. A user with uIsActive=0 suspended, banned, terminated employee can still authenticate via OAuth and receive valid API tokens. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score o...
Astra Linux - уязвимость в libvirt
A flaw was discovered in libvirt. External inactive snapshots of shut-down virtual machines are created as being accessible to everyone on the network, allowing unprivileged users to inspect the contents of the guest operating systems. This leads to an information disclosure vulnerability...
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skips inactive planes within ModeSupportAndSystemConfiguration. Why Coverity reported a memory issue involving illegal access attempts. How The inactive planes are skipped during processing...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: Reject attempts to consume or refresh inactive gfntopfncache. Reject calls to kvmgpccheck and kvmgpcrefresh if the cache is inactive. Not checking the active flag during refresh is particularly problematic, as KVM may end...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fixed information leakage in triggered buffers. The “buffer” local array is used to push data to user space from a triggered buffer. However, it does not set values for inactive channels, as it only uses...
CVE-2026-44561
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the isuserchannelmember function checks whether a ChannelMember row exists but does not check the isactive field. When a user is deactivated from a group or DM channel removed by the...
K000161272: Spring Security vulnerability CVE-2026-22753
Security Advisory Description Vulnerability in Spring Spring Security. If an application is using securityMatchersString and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter chain may fail and its related security components will not be exercise...
SUSE CVE-2026-43388
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...
Linux Distros Unpatched Vulnerability : CVE-2026-43388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whethe...
EUVD-2026-28694
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whether the context is running. If the context is inactive damonisrunning...