180 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-23104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix devlink reload call trace Commit 4da71a77fc3b ice: read internal temperature sensor introduced internal temperature sensor reading via HWMON...
CVE-2026-22979 net: fix memory leak in skb_segment_list for GRO packets
In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skbsegmentlist for GRO packets When skbsegmentlist is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation logic in skbsegmentlist...
MiracleLinux 3 : ipsec-tools-0.6.5-8.1AXS3 (AXSA:2008-273:01)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2008-273:01 advisory. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon...
PT-2026-6174
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw exists in the Linux kernel's ice driver related to HWMON sysfs attribute handling. A call trace can occur when a devlink reload is used to reinitialize the device, followed by...
PT-2026-27725
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the handling of admin queues during a controller reset. Specifically, when nvme alloc admin tag set is invoked during a controller reset, a...
CVE-2025-68730
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpubounbindallbosfromcontext Don't add BO to the vdev-bolist in ivpugemcreateobject. When failure happens inside drmgemshmemcreate, the BO is not fully created and ivpugembofree callback will not be...
SUSE CVE-2025-61662
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
EUVD-2025-198071
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
DEBIAN-CVE-2025-61662
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
CVE-2025-61662
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
AZL-70565 CVE-2025-61662 affecting package grub2 for versions less than 2.06-26
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
UBUNTU-CVE-2025-61662
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
CVE-2025-61662
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
CVE-2025-61662
CVE-2025-61662 involves a Use-After-Free in GRUB2’s gettext module where the gettext command remains registered after unloading, enabling an attacker to invoke an orphaned command and crash grub (DoS). The Initial Description notes potential data integrity/confidentiality risks but provides no pa...
CVE-2025-61662
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...
PT-2025-47380
Name of the Vulnerable Software and Affected Versions GRUB affected versions not specified Description A Use-After-Free issue exists in GRUB's gettext module. This occurs because the gettext command remains registered in memory after its module is unloaded. Exploitation involves invoking the...
CVE-2025-11980
The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'deleteorphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
EUVD-2025-38374
The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'deleteorphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2025-11980
CVE-2025-11980 affects the WordPress Quick Featured Images plugin prior to 13.7.4. The vulnerability is an SQL Injection in the delete_orphaned function due to insufficient escaping and unsafe SQL construction. Exploitation requires Editor+ privileges and user interaction (an author-level user mu...