102945 matches found
UBUNTU-CVE-2026-52930
In the Linux kernel, the following vulnerability has been resolved: ipc/shm: serialize orphan cleanup with shm_nattch updates shm_destroy_orphaned walks the shm idr under shm_ids(ns).rwsem, but that does not serialize all fields tested by shm_may_destroy. In particular, shm_nattch is updated while holding...
UBUNTU-CVE-2026-52923
In the Linux kernel, the following vulnerability has been resolved: ipc: limit next_id allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids->next_id. ipc_idr_alloc currently forwards that request to idr_alloc with an open-ended upper bound. If...
EUVD-2026-38707
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tap_ioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tap_ioctl copies 16 bytes of an uninitialised on-stack struct sockaddr_storage to userspace via ifr_hwaddr, but netif_get_mac_address only writes sa_family an...
CVE-2026-52938 bpf: Fix NULL pointer dereference in bpf_sk_storage_clone and diag paths
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL pointer dereference in bpf_sk_storage_clone and diag paths bpf_selem_unlink_nofail sets SDATA(selem)->smap to NULL before removing the selem from the storage hlist. A concurrent RCU reader in bpf_sk_storage_clone can observe th...
EUVD-2026-38705
In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx->partial. Before building a new sk_msg, espintcp_sendmsg first tries to flush that state through espintcp_push_msgs. For blocki...
CVE-2026-52929
In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADD_OUT_STREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...
CVE-2026-52929
The CVE affects the Linux kernel SCTP stream handling. When ADD_OUT_STREAMS is denied, the rollback only shrinks queued chunks and lowers outcnt, leaving removed stream metadata behind. A subsequent re-add can reuse a stale ext and trigger a null-pointer dereference in the scheduler get path, pot...
CVE-2026-52917
Summary (concrete details from provided sources): CVE-2026-52917 fixes a Linux kernel SCTP diagnostics flaw in the sock_diag lookup during the dump_one path. The issue occurs when an SCTP association has been freed but is still being reported, allowing the code to dereference an invalid associati...
EUVD-2026-38720
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dump_one path The SCTP exact sock_diag lookup can hold a transport reference, block on lock_sock(sk), and then resume after sctp_association_free has marked the association dead and freed its bin...
CVE-2026-52917
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dump_one path The SCTP exact sock_diag lookup can hold a transport reference, block on lock_sock(sk), and then resume after sctp_association_free has marked the association dead and freed its bin...
CVE-2026-52917 sctp: diag: reject stale associations in dump_one path
In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dump_one path The SCTP exact sock_diag lookup can hold a transport reference, block on lock_sock(sk), and then resume after sctp_association_free has marked the association dead and freed its bin...
Open Redirect
Nuxt is vulnerable to open redirect. The vulnerability is due to improper validation of path-normalized URLs in navigateTo, where specially crafted paths can bypass external-host checks after normalization, allowing attackers to redirect users to malicious websites and facilitate phishing attacks...
CVE-2026-8628
The EntreDroppers plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHP_SELF Parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...
EUVD-2026-38671
The EntreDroppers plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHP_SELF Parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...
CVE-2026-8628 EntreDroppers <= 1.1.2 - Reflected Cross-Site Scripting via PHP_SELF Parameter
The EntreDroppers plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHP_SELF Parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...
ROOT-APP-NPM-CVE-2024-52798 CVE-2024-52798 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2024-52798 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-4867 CVE-2026-4867 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2026-4867 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2024-45296 CVE-2024-45296 in @rootio/path-to-regexp - Patched by Root
Root has patched CVE-2024-45296 in the @rootio/path-to-regexp package for Root:npm. Multiple fixed versions available...
PT-2026-52087
Name of the Vulnerable Software and Affected Versions: KubeVirt (affected versions not specified). Description: A flaw exists in the safepath package used by virt-handler. The OpenAtNoFollow function utilizes O_PATH|O_NOFOLLOW to obtain a file descriptor for a path leaf; however, subsequent operations...