54607 matches found
Drupal SAML SSO - Service Provider security vulnerability
Drupal SAML SSO – Service Provider is a Drupal Single Sign-On and SAML authentication module provided by the Drupal company. Versions of Drupal SAML SSO – Service Provider prior to 3.1.4 contained a security vulnerability. This vulnerability stemmed from improper exception condition checks, which...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the batman-adv module not rejecting new tpmeter sessions during network disconnection. This allow...
kernel security update
4.18.0-553.126.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Linux Distros Unpatched Vulnerability : CVE-2026-45959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions,...
Linux Distros Unpatched Vulnerability : CVE-2026-24199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memor...
PT-2026-44340
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the DRM AMD GPU VCN4 module. This issue occurs during the message bound check, where an incorrect condition allows for an overflow to happen. Recommendation...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the connection preparation in the mac80211 module. This failure results in the site not...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a bo leak that occurs when the xedmabufinitobj function fails during allocation in the drm/xe...
CVE-2026-45959
A flaw was found in the Linux kernel's crypto: ccp module. An incorrect cleanup usage of the kfree function, which is used for memory deallocation, with a local pointer variable could lead to an invalid deallocation of a stack address. This issue can result in a system crash, causing a Denial of...
CVE-2026-45986
A flaw was found in the Linux kernel's cryptographic module, specifically within the ccmacdigest function of the ccree component. This vulnerability is a memory leak that occurs when a specific mapping operation fails to release allocated memory. Over time, this unreleased memory could lead to a...
CVE-2026-45994
A flaw was found in the Linux kernel's ibmasm module. This vulnerability, an out-of-bounds read in the commandfilewrite function, allows an attacker to cause the system to read beyond the intended memory boundaries. By manipulating the allocation size and header fields, an attacker can trigger th...
httpd: mod_authn_socache: NULL pointer dereference can cause a child process crash
A flaw was found in the mod_authn_socache module of httpd. This vulnerability allows an unauthenticated remote user to crash a child process due to a NULL pointer dereference when the server is operating in a caching forward proxy configuration...
httpd: mod_proxy_ajp: off-by-one out-of-bounds reads in AJP getter functions
A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...
httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()
A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) messages, the ajp_parse_data() function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...
httpd: mod_proxy_ajp: off-by-one out-of-bounds reads in AJP getter functions
A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...
httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check
A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...
CVE-2026-46022
A flaw was found in the Linux kernel's ibmasm module. A compromised service processor can exploit this by manipulating specific hardware registers, causing the system to read data from an unintended memory location. This out-of-bounds read can lead to a system crash, resulting in a Denial of...
CVE-2026-8359
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBinLoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not prese...
CVE-2026-24199
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service...
CVE-2026-46034
A flaw was found in the Linux kernel's vfio/cdx module. A local user can cause a system crash by improperly configuring Message Signaled Interrupts (MSI) before they are set up. This can lead to a NULL pointer dereference, resulting in a Denial of Service (DoS) for the system...