15111 matches found
CVE-2026-45195
CVE-2026-45195 affects kernel software inside a Host VM that posts commands to GPU Firmware, enabling memory reads/writes outside the host kernel’s permitted range. Root cause: untrusted addresses passed to rgxfw_set_mips_fault_address in the GPU DDK may grant the firmware privileged memory acces...
CVE-2026-5757 There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine
Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...
CVE-2026-38571
The CVE-2026-38571 case concerns the Tenda N300 F3 device (version V603), where the unauthenticated UART debug console stores WPA2 credentials in cleartext and does not require authentication for rr/wr memory read/write commands. This enables a physically proximate attacker to extract stored WPA2...
PT-2026-52842
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Kernel software running within a Host VM can send improper commands to the GPU Firmware. This allows the firmware to perform memory read or write operations...
RHEL 8 : redis:6 (RHSA-2026:29817)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:29817 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...
CVE-2026-53133
A flaw was found in the Linux kernel's RDMA/umem component. When the IOMMU Input/Output Memory Management Unit is used, a very large memory block can be split across multiple scatter-gather SG entries. During the reassembly of these split SG entries, an issue with truncation for block sizes great...
CVE-2026-53229
A flaw was found in the Linux kernel's mlx5e driver. When an XDP eXpress Data Path transmission fails, the driver does not properly unmap DMA Direct Memory Access addresses or free allocated XDP frames. This oversight can lead to a continuous leak of DMA resources and XDP frames, potentially...
kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()
A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...
CVE-2026-52956
A flaw was found in the Linux kernel's libceph module. A remote attacker could trigger an out-of-bounds memory access in the cephxdecrypt function by sending a specially crafted message frame of type FRAMETAGAUTHREPLYMORE with a small ciphertext length. This vulnerability arises because the...
CVE-2026-52955
A flaw was found in the libceph component of the Linux kernel. A remote attacker could send a specially crafted CEPHMSGOSDMAP message where two internal fields, alg and b-alg, contain differing bucket algorithm values. This discrepancy can lead to an out-of-bounds memory access during processing ...
CVE-2026-52968
A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine subsystem, specifically affecting s390 PCI devices. This vulnerability arises from incorrect pointer arithmetic during the indexing of the Guest Access Instruction Table GAIT, leading to out-of-bounds memory access. A local...
CVE-2026-56770
Libais 0.15 is affected by an out-of-bounds vector access in VdmStream::AddLine caused by an unchecked sentinel value used as a vector index when handling AIS sentences with empty or out-of-range sequential IDs. Remote attackers can crash services or vessel systems by sending crafted AIVDM senten...
CVE-2026-53112
A flaw was found in the Linux kernel's rtlwifi PCI driver. This vulnerability, a use-after-free, occurs when a rtlwifi wireless card is detached or fails to initialize, and a related background task is not properly shut down. This can lead to the system attempting to access memory that has alread...
CVE-2026-57438
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...
CVE-2026-57438 Nokogiri: Possible Use-After-Free in XInclude Processing
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Nodedoxinclude replaced each in place, freeing the include node along with its children such as and its descendants and any namespaces declared on...
CVE-2026-57438
Nokogiri (Ruby) prior to 1.19.4 is vulnerable to a use-after-free in XInclude processing: Nokogiri::XML::Node#do_xinclude frees the xi:include node, its children, and namespaces, potentially leaving Ruby objects pointing at freed memory. This can lead to invalid memory reads/writes. The issue is ...
redis: RESTORE invalid memory access may allow remote code execution
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...
Important: Red Hat Security Advisory: redis:6 security update
An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
EUVD-2026-39190
Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory...
CVE-2026-53159
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix DMA address corruption due to findvma misuse fastrpcgetargs uses findvma to look up the VMA for a user-provided pointer and compute a DMA address offset. When the address falls in a gap before the returned VMA,...