161009 matches found
ROOT-OS-DEBIAN-11-CVE-2026-25210 CVE-2026-25210 in rootio-expat - Patched by Root
Root has patched CVE-2026-25210 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-28757 CVE-2024-28757 in rootio-expat - Patched by Root
Root has patched CVE-2024-28757 in the rootio-expat package for Root:Debian:11. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2023-2976 CVE-2023-2976 in io.root.com.google.guava:guava - Patched by Root
Root has patched CVE-2023-2976 in the io.root.com.google.guava:guava package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2017-20189 CVE-2017-20189 in io.root.org.clojure:clojure - Patched by Root
Root has patched CVE-2017-20189 in the io.root.org.clojure:clojure package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2022-45688 CVE-2022-45688 in io.root.org.json:json - Patched by Root
Root has patched CVE-2022-45688 in the io.root.org.json:json package for Root:Maven. Multiple fixed versions available...
UBUNTU-CVE-2026-53274
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smc_setsockopt causing local DoS A logic flaw in smc_setsockopt allows a local unprivileged user to cause a Denial of Service (DoS) by holding the socket lock indefinitely. The function smc_setsockopt...
CVE-2026-53264
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...
EUVD-2026-39327
In the Linux kernel, the following vulnerability has been resolved: tcp: restrict SO_ATTACH_FILTER to priv users This patch restricts the use of SO_ATTACH_FILTER cBPF on TCP sockets to users with CAP_NET_ADMIN capability. This blocks potential side-channel attack where an unprivileged application...
CVE-2026-53225
The CVE-2026-53225 entry describes a Linux kernel SCTP vulnerability in __sctp_rcv_asconf_lookup() where an unauthenticated peer can send a truncated ASCONF chunk; the code may read 16 bytes of uninitialized memory past the address parameter when the chunk’s length is misdeclared. Affected compon...
EUVD-2026-39311
In the Linux kernel, the following vulnerability has been resolved: netfilter: revalidate bridge ports ebt_redirect_tg dereferences br_port_get_rcu return without a NULL check, causing a kernel panic when the bridge port has been removed between the original hook invocation and an NFQUEUE reinject. A...
CVE-2026-53203
CVE-2026-53203 affects the Linux kernel’s accel/ivpu component. A buffer overflow can occur when the firmware returns a metric-stream info size larger than the allocated buffer during get_info_ioctl; if this happens, the operation could copy beyond the buffer. Remediation implemented in the publi...
CVE-2026-53192
CVE-2026-53192 — Linux kernel ALSA timer UAF fix The vulnerability affects the ALSA timer path (snd_timer_user_params) in the Linux kernel. A race can occur during timer object release when a concurrent SNDRV_TIMER_IOCTL_PARAMS ioctl is in flight, potentially leading to a use-after-free if anothe...
CVE-2026-53149
CVE-2026-53149 affects the Linux kernel thunderbolt subsystem. The root cause is a missing bounds check in __tb_property_parse_dir(): content_offset + content_len is not verified to fit within block_len for the root directory case. If rootdir->length is at least block_len - 2, the entry loop m...
EUVD-2026-39236
In the Linux kernel, the following vulnerability has been resolved: drm/gem: Try to fix changehandle ioctl, attempt 4 airlied: just added some comments on how to reenable On-list because the cat is out of the bag and we're clearly not good enough to figure this out in private. The story thus far:...
ROOT-APP-NPM-CVE-2025-14874 CVE-2025-14874 in @rootio/nodemailer - Patched by Root
Root has patched CVE-2025-14874 in the @rootio/nodemailer package for Root:npm. Multiple fixed versions available...
Jorani 1.0.0 - Remote Code Execution
Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. id: CVE-2023-26469 info: name: Jorani 1.0.0 - Remote Code Execution author: pussycat0x severity: critical description: | Jorani 1.0.0, an attacker could leverage path traversal to access files...
Sophos UTM Preauth - Remote Code Execution
Sophos SG UTMA WebAdmin is susceptible to a remote code execution vulnerability in versions before v9.705 MR5, v9.607 MR7, and v9.511 MR11. id: CVE-2020-25223 info: name: Sophos UTM Preauth - Remote Code Execution author: gy741 severity: critical description: Sophos SG UTMA WebAdmin is susceptibl...
PT-2026-52514
Name of the Vulnerable Software and Affected Versions pnpm versions prior to 10.34.0 pnpm versions prior to 11.4.0 Description The patch application pipeline @pnpm/patch-package fails to validate file paths extracted from .patch files. An attacker can provide a malicious patch file containing...
Linux Distros Unpatched Vulnerability : CVE-2026-53000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nat: use kfree_rcu to release ops Florian Westphal says: Historically this is not an issue, even for normal base hooks: the data path doesn't use the...
Linux Distros Unpatched Vulnerability : CVE-2026-53082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf sixpack_receive_buf does not properly skip bytes with TTY error flags. The while loop iterates through...