CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

974 matches found

CVE-2026-53237

The CVE-2026-53237 entry concerns the Linux kernel GPIO subsystem for Marvell Armada 370/XP. Root cause: during suspend/resume, mvebu_pwm_suspend() and mvebu_pwm_resume() are invoked for all GPIO banks, but banks without PWM present mvchip->mvpwm set to NULL. When mvebu_pwm_suspend() is called...

5.8AI score

Exploits0References5

CVE•added 12 hours ago•4 views

CVE-2026-53217

In CVE-2026-53217, the Linux kernel fix targets mvpp2 RX data synchronization. The issue arises when mvpp2 programs the RX queue offset and hardware writes data at dma_addr + MVPP2_SKB_HEADROOM, while the CPU sync starting at dma_addr only covers rx_bytes + MVPP2_MH_SIZE. On non-coherent DMA, thi...

5.7AI score

Exploits0References8

EUVD•added 12 hours ago•4 views

EUVD-2026-39308

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dmaaddr + MVPP2SKBHEADROOM. The current CPU sync starts at dmaaddr and only covers rxbytes +...

5.7AI score

Exploits0References8

AstraLinux•added 6 days ago•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drivers: perf: marvellcn10k: Fixed a leak in the hotplug callback in tadpmuinit. The tadpmuinit function does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. Remove the callback by usin...

5.4AI score0.00166EPSS

Exploits0References1

AstraLinux•added 6 days ago•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: crypto: marvell/octeontx – prevents integer overflows The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s likely very little you can do to protect yourself. Nevertheless, we still try...

5.5AI score0.00209EPSS

Exploits0References1

AstraLinux•added 6 days ago•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa – Handles zero-length skcipher requests. Do not access random memory for zero-length skcipher requests. Simply return 0...

5.5CVSS6.3AI score0.00151EPSS

Exploits0References2

AstraLinux•added 6 days ago•3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out-of-bounds read issue There is an out-of-bounds read access to gbePhyInitfixfixidx.addr during each iteration after fixidx reaches ARRAYSIZEgbePhyInitfix. Ensure that gbePhyInitaddr is used when...

5.5CVSS5.7AI score0.00211EPSS

Exploits0References2

Rapid7 Blog•added 2026/05/15 6:54 p.m.•9 views

Metasploit Wrap-Up 05/15/2026

Weaponizing a text editor for fun and profit Gather round, dear readers, because today, we by we, we mean @h00die dropped the ultimate persistence mechanism: Vim plugin persistence. And honestly, calling it "persistence" feels redundant — Vim is already the most persistent thing ever. Somewhere,...

9.8CVSS8AI score0.79335EPSS

Exploits22

Metasploit•added 2026/05/11 7:3 p.m.•222 views

Marvell QConvergeConsole Path Traversal (CVE-2025-6793)

This module exploits a path traversal vulnerability CVE-2025-6793 in Marvell QConvergeConsole use auxiliary/gather/qconvergeconsoletraversal msf auxiliaryqconvergeconsoletraversal show actions ...actions... msf auxiliaryqconvergeconsoletraversal set ACTION msf auxiliaryqconvergeconsoletraversal...

9.4CVSS8.5AI score0.12281EPSS

Exploits1

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Fixed a NULL dereferencing on devlinkalloc failure. devlinkalloc may return NULL when allocation fails, but presteradevlinkalloc will unconditionally call devlinkpriv on the returned pointer. This leads to...

5.5CVSS5.1AI score0.00115EPSS

Exploits0References2

Tenable Nessus•added 2026/04/22 12:0 a.m.•5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013555 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...

5.8AI score0.00209EPSS

Exploits0References4

Tenable Nessus•added 2026/04/21 12:0 a.m.•5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010902)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010902 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...

6AI score0.00209EPSS

Exploits0References4

Tenable Nessus•added 2026/04/17 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007417)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007417 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA...

5.6AI score0.00236EPSS

Exploits0References4

UbuntuCve•added 2026/04/03 4:16 p.m.•2 views

CVE-2026-23438

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with globaltxfc in buffer switching mvpp2bmswitchbuffers unconditionally calls mvpp2bmpoolupdateprivfc when switching between per-cpu and shared buffer pool modes. This function programs CM3...

5.5CVSS5.8AI score0.00123EPSS

Exploits0References8

RedhatCVE•added 2026/03/25 2:8 p.m.•2 views

CVE-2026-23281

A flaw was found in the Linux kernel's Marvell Libertas Wi-Fi driver. This vulnerability, a use-after-free, occurs because the system does not properly synchronize the freeing of memory with ongoing timer operations. If a timer attempts to access resources after they have been released, it can le...

5.8AI score0.00126EPSS

Exploits0References4

RedhatCVE•added 2026/02/02 9:17 a.m.•13 views

CVE-2026-23019

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlinkalloc failure devlinkalloc may return NULL on allocation failure, but presteradevlinkalloc unconditionally calls devlinkpriv on the returned pointer. This leads to a NULL...

5.5CVSS5.1AI score0.00115EPSS

Exploits0References4

SUSE CVE•added 2026/02/01 12:23 a.m.•3 views

SUSE CVE-2026-23019

5.5CVSS5.7AI score0.00115EPSS

Exploits0References3

EUVD•added 2026/01/31 11:39 a.m.•6 views

EUVD-2026-5075

5.7AI score0.00115EPSS

Exploits0References6

CVE•added 2026/01/31 11:39 a.m.•19 views

CVE-2026-23019

CVE-2026-23019 describes a NULL dereference in the Linux kernel’s net: marvell: prestera code. The root cause is that prestera_devlink_alloc() calls devlink_priv() on the pointer returned by devlink_alloc() without verifying that the pointer is non-NULL; if allocation fails, this leads to a NULL ...

5.5CVSS5.7AI score0.00115EPSS

Exploits0References6Affected Software1

Debian CVE•added 2026/01/31 11:39 a.m.•4 views

CVE-2026-23019

5.5CVSS5.1AI score0.00115EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by