CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8703 matches found

EUVD•added 2026/04/03 6:31 p.m.•1 views

EUVD-2026-18780

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

5.7AI score0.00015EPSS

Exploits0References7

RedhatCVE•added 2026/04/03 5:4 p.m.•3 views

CVE-2026-31399

A flaw was found in the Linux kernel's nvdimm/bus component. During asynchronous device initialization, if the deviceadd function fails in ndasyncdeviceregister, a use-after-free vulnerability can occur. This happens because the device's reference count drops to zero before the parent pointer is...

4.7CVSS6.1AI score0.00015EPSS

Exploits0References4

NVD•added 2026/04/03 4:16 p.m.•0 views

CVE-2026-31399

7.8CVSS0.00015EPSS

Exploits0References8

UbuntuCve•added 2026/04/03 4:16 p.m.•3 views

CVE-2026-23467

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References5

UbuntuCve•added 2026/04/03 4:16 p.m.•0 views

CVE-2026-31399

7.8CVSS5.7AI score0.00015EPSS

Exploits0References8

OSV•added 2026/04/03 4:16 p.m.•2 views

UBUNTU-CVE-2026-31399

7.8CVSS5.7AI score0.00015EPSS

Exploits0References9

OSV•added 2026/04/03 4:16 p.m.•1 views

UBUNTU-CVE-2026-23467

5.5CVSS5.7AI score0.00015EPSS

Exploits0References6

EUVD•added 2026/04/03 3:30 p.m.•2 views

EUVD-2026-18647

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix ID register initialization for non-protected pKVM guests In protected mode, the hypervisor maintains a separate instance of the kvm structure for each VM. For non-protected VMs, this structure is initialized from...

5.8AI score0.00015EPSS

Exploits0References4

Cvelist•added 2026/04/03 3:16 p.m.•15 views

CVE-2026-31399 nvdimm/bus: Fix potential use after free in asynchronous initialization

0.00015EPSS

Exploits0References8

CVE•added 2026/04/03 3:16 p.m.•8 views

CVE-2026-31399

CVE-2026-31399 concerns the Linux kernel, specifically a use-after-free in the nvme/nvdimm bus async initialization path. The issue arises if device_add() fails during nd_async_device_register(): the parent device reference could drop to 0 before the parent pointer is accessed, leading to use-aft...

7.8CVSS5.7AI score0.00015EPSS

Exploits0References8Affected Software1

NVD•added 2026/04/03 2:16 p.m.•1 views

CVE-2026-23425

8.8CVSS0.00015EPSS

Exploits0References3

UbuntuCve•added 2026/04/03 2:16 p.m.•1 views

CVE-2026-23425

8.8CVSS5.8AI score0.00015EPSS

Exploits0References5

CVE•added 2026/04/03 1:24 p.m.•8 views

CVE-2026-23425

CVE-2026-23425 (Linux kernel KVM arm64) — The issue stems from non-protected pKVM guests where the hypervisor copies only the KVM_ARCH_FLAG_ID_REGS_INITIALIZED flag from the host to the hypervisor during pkvm_init_features_from_host, while the actual id_regs data are not initialized. This can cau...

8.8CVSS5.8AI score0.00015EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/04/03 1:24 p.m.•16 views

CVE-2026-23425 KVM: arm64: Fix ID register initialization for non-protected pKVM guests

8.8CVSS0.00015EPSS

Exploits0References3

RedhatCVE•added 2026/04/03 10:57 a.m.•2 views

CVE-2026-29139

SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password...

9.8CVSS5.9AI score0.00059EPSS

Exploits0References1

GitLab Advisory Database•added 2026/04/03 12:0 a.m.•6 views

Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length

The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI...

7.5CVSS6AI score0.00073EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/04/03 12:0 a.m.•3 views

PT-2026-30039

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in KVM for arm64 systems related to the initialization of ID registers for non-protected pKVM guests. The hypervisor incorrectly copies the KVM ARCH FL...

5.8AI score0.00015EPSS

Exploits0References134

CNNVD•added 2026/04/03 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an initialization error in the ID register of unprotected pKVM clients, potentially leading to...

8.8CVSS7.1AI score0.00015EPSS

Exploits0References3

Positive Technologies•added 2026/04/03 12:0 a.m.•1 views

PT-2026-30225

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

8.6CVSS6.2AI score0.00115EPSS

Exploits0References5

RedhatCVE•added 2026/04/02 9:38 p.m.•1 views

CVE-2026-23413

A flaw was found in the Linux kernel's clsact qdisc. This use-after-free vulnerability occurs due to an asymmetry in the initialization and destruction rollback process. When a replacement clsact qdisc instance fails during initialization, the destroy callback is triggered without properly...

5.5CVSS5.9AI score0.00015EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by