1040 matches found
CVE-2026-46022
In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bound MMIO read performed by the queue reader/writer index exceeding the REMOTEQUEUESIZE rang...
CVE-2026-46022
misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt...
PT-2026-43889
In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasm handle mouse interrupt ibmasm handle mouse interrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTE QUEUE SIZE 60. A compromised...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/vmware: Fixed hypercall clobbering issues. Fedora QA reported the following panic: BUG: Unable to handle a page fault for address: 0000000040003e54 PF: Supervisor write access in kernel mode PF: Errorcode0x0002 – Not-prese...
@drop-in-gaming/core (=0.1.7), demo-message (=1.0.0) +16 more potentially affected by unknown CVE via canvas-nest.js (>=2.0.3 <=2.0.4)
canvas-nest.js NPM version =2.0.3, =1.0.3, =1.0.0, =1.0.0, =1.0.18, =0.6.32, =0.4.17, =0.0.1, =1.0.0, =1.0.2 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4131...
CVE-2026-44296
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service DoS vulnerability affects Deskflow servers running with TLS enabled the default. When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS...
SUSE CVE-2026-43140
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc-input Fake USB devices can send their own report descriptors for which the inputmapping hook does not get called. In this case, msc-input stays NULL, leading to a crash at a later time...
CLSA-2026-1778140717 vim: Fix of 10 CVEs
CVE-2022-0158: fix Vim9 reading before start of line with single $ - CVE-2022-0696: fix crash when switching tabpage in cmdline window - CVE-2022-1674: fix crash when matching buffer with invalid pattern - CVE-2022-1725: fix using NULL regexp program in buffer matching - CVE-2022-1771: fix...
CLSA-2026-1778133583 vim: Fix of 10 CVEs
CVE-2022-0158: fix Vim9 reading before start of line with single $ - CVE-2022-0696: fix crash when switching tabpage in cmdline window - CVE-2022-1674: fix crash when matching buffer with invalid pattern - CVE-2022-1725: fix using NULL regexp program in buffer matching - CVE-2022-1771: fix...
EUVD-2026-27703
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc-input Fake USB devices can send their own report descriptors for which the inputmapping hook does not get called. In this case, msc-input stays NULL, leading to a crash at a later time...
CVE-2026-43140
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc-input Fake USB devices can send their own report descriptors for which the inputmapping hook does not get called. In this case, msc-input stays NULL, leading to a crash at a later time...
CVE-2026-43140
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc-input Fake USB devices can send their own report descriptors for which the inputmapping hook does not get called. In this case, msc-input stays NULL, leading to a crash at a later time...
PT-2026-37480
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc-input Fake USB devices can send their own report descriptors for which the input mapping hook does not get called. In this case, msc-input stays NULL, leading to a crash at a later tim...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of handling of msc-input in the HID MagicMouse, potentially leading to crashes...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: fix NULL dereferencing on disconnection Commit 9d7b18668956 “HID: magicmouse: add support for Apple Magic Trackpad 2” added a sanity check for an Apple trackpad. If the check fails, it returns success instead of...
Astra Linux - уязвимость в xorg-server
In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input...
Astra Linux - уязвимость в firefox, thunderbird
A malicious website could have used a combination of the fullscreen mode and the requestPointerLock function to cause the user’s mouse to be repositioned unexpectedly. This could lead to confusion among users and, inadvertently, the granting of permissions that the user did not intend to grant...
CVE-2026-41476
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The issue is in the implementation of...
SUSE CVE-2026-31522
In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: avoid memory leak in magicmousereportfixup The magicmousereportfixup function was returning a newly kmemdup-allocated buffer, but never freeing it. The caller of reportfixup does not take ownership of the returne...