2184 matches found
CVE-2026-53340
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
EUVD-2026-40974
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...
PYSEC-2026-508 Compromise of PyTorch Lightning PyPi Package Versions
Security Advisory: Compromise of PyTorch Lightning PyPI Package Versions Published: 2026-04-30 Last Updated: 2026-05-12 Github Advisory: CVE-2026-44484 We have identified a security incident affecting certain versions of one of our PyPI packages. What happened We have determined that one or more...
gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...
gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...
gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...
gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
A flaw was found in GnuTLS. The gnutlspkcs11tokensetpin function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations. The internal registration helper function dpllxarefdpll,pinadd has been modified to reject duplicate registration attempts. Previously, if a caller attempted to register the same pin multipl...
CVE-2026-56422
Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys id and ownership/scope foreign keys eventid, orgid, userid, sharinggroupid, galaxyclusteruuid, organisationuuid, and related nested object identifiers without consistently...
CVE-2026-56422
CVE-2026-56422 affects MISP core controllers and models where client-controlled fields (ids and ownership/scope keys such as event_id, org_id, user_id, sharing_group_id, galaxy_cluster_uuid, organisation_uuid, etc.) were not consistently stripped or revalidated, enabling an authenticated user to ...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes the issue of negative indexing of the buf array in pinassignmentshow, especially when getcurrentpinassignments returns 0, indicating that no compatible pin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel before version 5.16.3, the driver/bluetooth/hciqca.c file misinterprets the return value of devmgpiodgetindexoptional. It expects the return value to be NULL in the error case, but in reality, it is an error pointer...
Astra Linux – Vulnerability in Python-Werkzeug
Werkzeug is a comprehensive WSGI web application library. In affected versions of Werkzeug, the debugger can allow an attacker to execute code on a developer’s machine under certain circumstances. This requires the attacker to get the developer to interact with a domain and subdomain that they...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mshv: Error handling in mshvregionpin has been fixed. The current error handling has two issues: Firstly, the pinuserpagesfast function may return a short pin count less than the requested count but greater than zero when it...
Astra Linux – Vulnerability in opensc
A flaw was discovered in OpenSC packages that could allow for a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length PIN is passed. This issue poses a security risk, especially for OS...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: gpio: wcd934x – Fixed the out-of-bounds shift error The bit mask for pins 0 to 4 is BIT0 to BIT4, but we actually ended up with BITn – 1, which is incorrect. This issue was detected by the UBSAN check. UBSAN: Out-of-bounds shi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xen/privcmd: fixed the error exit of privcmdioctldmop The error exit of privcmdioctldmop calls unlockpages, potentially with pages being NULL, leading to a NULL dereference. Additionally, lockpages does not check whether...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: aspeed: Fixed a potential NULL dereferencing in aspeedpinmuxsetmux. pdesc could potentially be null, but still, dereferencing pdesc-name would lead to a NULL pointer access. Therefore, we moved a null check before the...