CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

135 matches found

CVE-2026-12771

A vulnerability was identified in BerriAI litellm up to 1.82.2. This affects an unknown function of the file litellm/proxy/auth/userapikeyauth.py of the component M2M JWT Handler. Such manipulation leads to improper authorization. The attack can be launched remotely. A high complexity level is...

7.5CVSS0.00186EPSS

Exploits1References5

EUVD•added 4 days ago•10 views

EUVD-2026-38137

5CVSS5.3AI score0.00186EPSS

Exploits1References5

Cvelist•added 4 days ago•32 views

CVE-2026-12771 BerriAI litellm M2M JWT user_api_key_auth.py improper authorization

5CVSS0.00186EPSS

Exploits1References5

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-46058

In the Linux kernel, the following vulnerability has been resolved: media: amphion: Fix race between m2m jobabort and devicerun Fix kernel panic caused by race condition where v4l2m2mctxrelease frees m2mctx while v4l2m2mtryrun is about to call devicerun with the same context. Race sequence:...

7.8CVSS5.7AI score0.00097EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:57 p.m.•40 views

CVE-2026-46058 media: amphion: Fix race between m2m job_abort and device_run

7.8CVSS0.00097EPSS

Exploits0References6

ATTACKERKB•added 2026/05/27 12:57 p.m.•5 views

CVE-2026-46058

7.8CVSS5.7AI score0.00097EPSS

Exploits0References7Affected Software1

Positive Technologies•added 2026/05/27 12:0 a.m.•16 views

PT-2026-43925

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A race condition exists in the amphion VPU driver within the Linux kernel. This occurs when v4l2 m2m ctx release frees the m2m ctx context while v4l2 m2m try run is attempting to call devic...

9.8CVSS5.9AI score0.03663EPSS

Exploits14References282

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: A bug related to use-after-free was fixed due to error path handling in mtkjpegdecdevicerun. In mtkjpegprobe, the variable &jpeg-jobtimeoutwork is bound to mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if an err...

7.8CVSS5.6AI score0.00276EPSS

Exploits0References2

SUSE CVE•added 2026/05/13 3:35 a.m.•7 views

SUSE CVE-2026-43310

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...

5.8AI score0.00107EPSS

Exploits0References3

EUVD•added 2026/05/08 3:31 p.m.•9 views

EUVD-2026-28580

5.8AI score0.00107EPSS

Exploits0References3

UbuntuCve•added 2026/05/08 2:16 p.m.•4 views

CVE-2026-43310

5.5CVSS5.8AI score0.00107EPSS

Exploits0References4

Positive Technologies•added 2026/05/06 12:0 a.m.•10 views

PT-2026-37547

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mtk-mdp media component within the probe function. The lack of proper error handling leads to a resource leak when mtk mdp unregister m2m device is not called on t...

7.8CVSS5.4AI score0.00139EPSS

Exploits0References18

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out-of-bounds write due to improper input validation. This could lead to a local escalation of privileges, as the system requires execution privileges to exploit the vulnerability. User interaction is not required for exploitation. Product...

6.7CVSS6.8AI score0.00155EPSS

Exploits0References2

AstraLinux•added 2026/01/13 2:1 p.m.•5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Media: nxp: imx8-isi: m2m: Fixed streaming cleanup upon release. If the calls for “streamon” and “streamoff” are imbalanced, such as when exiting an application using Ctrl+C while streaming, the m2m usagecount will never reach...

5.6AI score0.00162EPSS

Exploits0References3

RedhatCVE•added 2026/01/07 9:51 a.m.•7 views

CVE-2013-6945

The M2M Broker in OSEHRA VistA, as distributed before September 30, 2013, allows attackers to bypass authentication and authorization to perform doctor-only actions and read or modify patient records via unspecified vectors related to a "logic flaw."...

7.5CVSS7.1AI score0.01377EPSS

Exploits0References1

SUSE CVE•added 2025/12/25 12:54 a.m.•2 views

SUSE CVE-2023-54147

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for idaalloc Add the check for the return value of the idaalloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdpm2mopen fails later in orde...

6.5AI score0.00168EPSS

Exploits0References3

OSV•added 2025/12/24 1:16 p.m.•3 views

UBUNTU-CVE-2023-54147

5.7AI score0.00168EPSS

Exploits0References6

OSV•added 2025/12/24 1:6 p.m.•3 views

CVE-2023-54147 media: platform: mtk-mdp3: Add missing check and free for ida_alloc

6.4AI score0.00168EPSS

Exploits0References7

SUSE CVE•added 2025/11/14 12:24 a.m.•4 views

SUSE CVE-2025-40165

In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: m2m: Fix streaming cleanup on release If streamon/streamoff calls are imbalanced, such as when exiting an application with Ctrl+C when streaming, the m2m usagecount will never reach zero and the ISI channel...

4.7CVSS6.5AI score0.00162EPSS

Exploits0References7

RedhatCVE•added 2025/11/13 2:41 p.m.•4 views

CVE-2025-40165

5.8AI score0.00162EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by