635 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-31592
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SEV: Protect all of sevmemencregisterregion with kvm-lock Take and hold kvm-lock for before checking sevguest in sevmemencregisterregion, as sevguest isn't...
CVE-2026-31572
A flaw was found in the Linux kernel's i2c: designware: amdisp component. A race condition exists between the device's probe and runtime Power Management PM resume operations. When pmruntimegetsync is called before i2cdwprobe, it can prematurely trigger the amdisp i2c runtime resume before the...
CVE-2026-31566
A flaw was found in the Linux kernel's AMD GPU amdgpu driver. An issue in the amdgpuamdkfdsubmitib function allows a local user to trigger a use-after-free vulnerability. This occurs because a fence reference is incorrectly released before waiting for job completion, potentially freeing the memor...
CVE-2026-31545
A flaw was found in the Linux kernel's NFC Near Field Communication subsystem, specifically within the nxp-nci driver. This flaw prevented General Purpose Input/Output GPIO pins from entering a sleep state, leading to a kernel WARNON condition. This issue could potentially cause system instabilit...
EUVD-2026-25363
A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchd...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack due to insecure handling of Process ID PID files. When an application uses the ApplicationPidFileWriter, it writes its PID to a predictable file system path. A local attacker with write access to the PID file's directory...
CVE-2026-31511
A flaw was found in the Bluetooth Management MGMT component of the Linux kernel. An issue with how memory is managed during certain operations can lead to a 'dangling pointer' vulnerability. This means that the system might attempt to access memory that has already been released, potentially...
CVE-2026-31462
A flaw was found in the Linux kernel's drm/amdgpu component. This vulnerability arises from the immediate reuse of a Process Address Space ID PASID when a process exits. If a new process is assigned a recently freed PASID, it may encounter page faults still pending in the interrupt handler IH rin...
CVE-2026-31439
A flaw was found in the Linux kernel's Xilinx DMA Direct Memory Access engine. The xdma driver's regmap initialization incorrectly handled errors, specifically when the devmregmapinitmmio function returned an error pointer instead of a null value. This improper error handling could potentially le...
CVE-2026-31432
A flaw was found in the ksmbd component of the Linux kernel. This vulnerability allows an attacker to cause the system to write data beyond its intended memory boundaries when processing specific network requests. Specifically, when a complex request combines data reading with security informatio...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. This is only exploitable if the...
CVE-2026-31417
A flaw was found in the Linux kernel's X.25 network protocol implementation net/x25. An attacker could potentially trigger an integer overflow in the x25sock.fraglen variable when accumulating packets. This oversight, combined with the fraglen not being properly reset, may lead to system...
PT-2026-32406
Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...
kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init
A flaw was found in the Linux kernel's bridge multicast functionality. A local user could trigger a use-after-free vulnerability, a type of memory corruption, by improperly configuring network bridge router ports. This issue arises because the system fails to correctly remove ports from its...
PT-2026-31345
Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent concurrently,...
CVE-2026-33815
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...
Cisco IOS Software IKEv2 DoS (cisco-sa-asa-ftd-ios-dos-kPEpQGGK)
According to its self-reported version, Cisco IOS Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service DoS...
CVE-2026-5165
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
CVE-2026-5165
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
PT-2026-29036
Name of the Vulnerable Software and Affected Versions virtio-win affected versions not specified Description A memory management issue exists in the VirtIO Block BLK device within virtio-win. A reset of the device does not properly handle memory, leading to a use-after-free condition. This could...