257 matches found
CVE-2026-33236
NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. In versions 3.9.3 and prior, the NLTK downloader does not validate the subdir and id attributes when processing remote XML index...
CVE-2026-33147
GMT is an open source collection of command-line tools for manipulating geographic and Cartesian data sets. In versions from 6.6.0 and prior, a stack-based buffer overflow vulnerability was identified in the gmtremotedatasetid function within src/gmtremote.c. This issue occurs when a specially...
CVE-2026-23244
CVE-2026-23244 affects the Linux kernel and stems from nvme_pr_read_keys() allocating memory based on a user-supplied num_keys value. The code uses num_keys to determine the rse allocation size up to an upper limit PR_KEYS_MAX (64K). A malicious or buggy userspace input can cause a kzalloc-based ...
CVE-2026-32608
Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These commands support Mustache template variables e.g., name, key that are populated with runtime...
Parse Server's MFA recovery codes not consumed after use
Impact When multi-factor authentication MFA via TOTP is enabled for a user account, Parse Server generates two single-use recovery codes. These codes are intended as a fallback when the user cannot provide a TOTP token. However, recovery codes are not consumed after use, allowing the same recover...
SUSE-SU-2026:0781-1 Security update for patch
This update for patch fixes the following issues: - CVE-2021-45261: Clear range of pointers before they are used/freed bsc1194037...
CVE-2026-23136 libceph: reset sparse-read state in osd_fault()
In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osdfault When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a separate stat...
AZL-78425 CVE-2025-71150 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...
CVE-2025-71137
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size rxpending is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring size...
CVE-2026-22024
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the cryptographyencrypt function allocates...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: avoid buffer overflow in WID string configuration Fix the following copy overflow warning identified by Smatch checker. drivers/net/wireless/microchip/wilc1000/wlancfg.c:184 wilcwlanparseresponseframe error:...
PT-2026-8209
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Ceph implementation where an invalid pointer is passed to the kfree function within the parse longname function. This occurs when reading Ceph snapsho...
SUSE CVE-2022-50784
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as if we should pass it. Coverity CID: 1503456...
CVE-2023-54216
The CVE-2023-54216 entries describe a Linux kernel vulnerability in net/mlx5e TC offload code where eswitch mapping was used in NIC mode, accessing an uninitialized eswitch object mapping pool and causing a slab-use-after-free in mlx5_add_flow_rules (mlx5_core) traced via a KASAN report. A patch ...
SUSE CVE-2025-68350
In the Linux kernel, the following vulnerability has been resolved: exfat: fix divide-by-zero in exfatallocatebitmap The variable maxracount can be 0 in exfatallocatebitmap, which causes a divide-by-zero error in the subsequent modulo operation i % maxracount, leading to a system crash. When...
CVE-2023-54112
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...
CVE-2025-46292
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access user-sensitive data...
Linux Distros Unpatched Vulnerability : CVE-2025-68264
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when...
CVE-2022-50658
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the error path to always...
EUVD-2023-60115
In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from exportrdev Commit a1d767191096 "md: use mddev-external to select holder in exportrdev" fix the problem that 'claimrdev' is used for blkdevgetbydev while 'rdev' is used for blkdevput...