CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/25 5:49 a.m.•7 views

OESA-2026-2045 openssl security update

Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of...

8.1CVSS6.5AI score0.00885EPSS

Exploits0References5

OSV•added 2026/04/25 5:49 a.m.•4 views

OESA-2026-2044 openssl security update

8.1CVSS6.5AI score0.00885EPSS

Exploits0References5

OSV•added 2026/04/25 5:49 a.m.•7 views

OESA-2026-2043 openssl security update

9.8CVSS6.8AI score0.00981EPSS

OSV•added 2026/04/25 5:49 a.m.•8 views

OESA-2026-2042 openssl security update

9.8CVSS6.8AI score0.00981EPSS

OSV•added 2026/04/25 5:49 a.m.•8 views

OESA-2026-2041 openssl security update

9.8CVSS6.8AI score0.00981EPSS

OSV•added 2026/04/25 5:48 a.m.•5 views

OESA-2026-2016 firebird security update

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, MacOS and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production...

9.9CVSS6.8AI score0.01133EPSS

Exploits8References10

OSV•added 2026/04/25 5:48 a.m.•4 views

OESA-2026-2014 firebird security update

9.9CVSS6.8AI score0.01133EPSS

Exploits8References10

OSV•added 2026/04/25 5:48 a.m.•7 views

OESA-2026-2013 firebird security update

9.9CVSS6.8AI score0.01133EPSS

Exploits8References10

5.5CVSS5.4AI score0.00123EPSS

SUSE CVE-2026-31540

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Check setdefaultsubmission before deferencing When the i915 driver firmware binaries are not present, the setdefaultsubmission pointer is not set. This pointer is dereferenced during suspend anyways. Add a check to...

Exploits0References4

SUSE CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

5.4AI score0.00121EPSS

SUSE CVE•added 2026/04/25 1:39 a.m.•4 views

SUSE CVE-2026-31546

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bonddebugrlbhashshow rlbclearslave intentionally keeps RLB hash-table entries on the rxhashtblusedhead list with slave set to NULL when no replacement slave is available. However,...

5.5CVSS5.5AI score0.00123EPSS

Exploits0References14

5.5CVSS5.4AI score0.00123EPSS

SUSE CVE-2026-31549

In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before...

SUSE CVE•added 2026/04/25 1:39 a.m.•4 views

SUSE CVE-2026-31555

In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futexlockpi retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at waitforownerexiting+0x7a/0x80, CPU11: futexlockpis/524 When futexlockpiatomic sees the owner i...

5.5CVSS5.4AI score0.00123EPSS

Exploits0References4

5.5CVSS5.4AI score0.00121EPSS

SUSE CVE-2026-31562

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi struct, so this structure needs to be...

SUSE CVE•added 2026/04/25 1:39 a.m.•4 views

SUSE CVE-2026-31564

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix base address calculation in kvmeiointcregsaccess In function kvmeiointcregsaccess, the register base address is caculated from array base address plus offset, the offset is absolute value from the base address...

5.5CVSS5.4AI score0.00107EPSS

SUSE CVE•added 2026/04/25 1:38 a.m.•4 views

SUSE CVE-2026-31599

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...

5.5CVSS5.4AI score0.00125EPSS

SUSE CVE•added 2026/04/25 1:37 a.m.•4 views

SUSE CVE-2026-31625

In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alpsrawevent Commit ecfa6f34492c "HID: Add HIDCLAIMEDINPUT guards in rawevent callbacks missing them" attempted to fix up the HID drivers that had missed the previous fix that was done i...

5.5CVSS5.4AI score0.00125EPSS

SUSE CVE•added 2026/04/25 1:37 a.m.•4 views

SUSE CVE-2026-31646

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix pagepool error handling in lan966xfdmarxallocpagepool pagepoolcreate can return an ERRPTR on failure. The return value is used unconditionally in the loop that follows, passing the error pointer through...

5.5CVSS5.5AI score0.00122EPSS

SUSE CVE•added 2026/04/25 1:37 a.m.•5 views

SUSE CVE-2026-31651

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free...

5.5CVSS5.4AI score0.00111EPSS