25357 matches found
GHSA-47Q9-M4WW-924M Rekor has an OOM Condition due to Unbounded gzip Decompression in Alpine APK Parsing Logic
Description The Package.Unmarshal function in pkg/types/alpine/apk.go decompresses the signature and control gzip members of an APK file into in-memory buffers without bounding the total decompressed size. The existing maxapkmetadatasize check default 1MB is only applied to individual tar entry...
CVE-2026-53048
A flaw was found in the Linux kernel's gfs2 filesystem. During the unmount process, a NULL pointer dereference can occur when flushing outstanding glock work. This happens because gfs2logflush is called when a critical data structure sdp-sdjdesc has already been deallocated, and a subsequent...
CVE-2026-53049
A flaw was found in the Linux kernel's Global File System 2 GFS2 component. The gfs2logd function, responsible for log flushing, calls several log flushing functions without holding the required lock. This omission allows concurrent transactions to access shared resources without proper exclusion...
CVE-2026-53059
A flaw was found in the Linux kernel's device-mapper log dm log component. A local attacker could exploit an integer overflow vulnerability where a 64-bit value is truncated to 32 bits, leading to undersized memory allocations. This allows for out-of-bounds writes to kernel memory during log...
OPENSUSE-RU-2026:21160-1 Recommended update for dnscrypt-proxy
This update for dnscrypt-proxy fixes the following issues: Changes in dnscrypt-proxy: - Update to version 2.1.16 The "tlsciphersuite" option is now a no-op. Modern TLS stacks no longer expose cipher suite selection in a meaningful way, and the option had become misleading A log size of 0 no longe...
CVE-2026-56005
Subscriber Cross Site Scripting XSS in WP Activity Log = 5.6.3.1 versions...
CVE-2026-56005 WordPress WP Activity Log plugin <= 5.6.3.1 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in WP Activity Log = 5.6.3.1 versions...
EUVD-2026-39374
Subscriber Cross Site Scripting XSS in WP Activity Log = 5.6.3.1 versions...
CVE-2026-56005
CVE-2026-56005 affects the WordPress plugin WP Activity Log (versions
CVE-2026-53205
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...
CVE-2026-53169
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPUOPRESIZE commands from userspace NPUOPRESIZE is a U85-only command that the driver does not yet implement. The existing WARNON1 placeholder fires unconditionally whenever userspace submits this command via...
CVE-2026-53131
In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...
UBUNTU-CVE-2026-53131
In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...
UBUNTU-CVE-2026-53205
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...
EUVD-2026-39300
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hciadvbcastannoucement prepends the Broadcast Announcement service...
CVE-2026-53205 accel/ivpu: Add bounds checks for firmware log indices
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...
CVE-2026-53205
The CVE-2026-53205 issue is in the Linux kernel Intel Versatile Processing Unit (IVPU) accelerator driver (accel/ivpu). It stems from insufficient validation of read/write indices in the firmware log buffer, allowing potential out-of-bounds access if firmware supplies invalid indices. Affected sy...
EUVD-2026-39296
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...
CVE-2026-53186
CVE-2026-53186 affects the Linux kernel SRP path in RDMA: the SRP_RSP data length (resp_data_len) is not bounded by the actual received bytes, risking an out-of-bounds read when processing sense data. The copy is capped to 96 bytes, but the source offset can point far past the received data, pote...
CVE-2026-53131 netfilter: require Ethernet MAC header before using eth_hdr()
In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...