3395 matches found
PT-2026-52572
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where an un-negotiated Raw Public Key RPK, as defined in RFC 7250, is accepted instead of an X.509 certificate, allowing the bypass of chain...
Linux Distros Unpatched Vulnerability : CVE-2026-53024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with th...
Linux Distros Unpatched Vulnerability : CVE-2026-53025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an...
CVE-2026-49979
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values and establishes a raw JavaMail TCP connection without any IP validation. This completely bypasses...
EUVD-2026-38892
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...
EUVD-2026-38893
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...
CVE-2026-53025
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...
CVE-2026-53024
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...
CVE-2026-53024
Summary: CVE-2026-53024 affects the Linux kernel Greybus raw subsystem. A use-after-free can occur when a user writes to a chardev after disconnect, because gb_connection_destroy frees the connection object during disconnect and a subsequent write may access that freed object, potentially trigger...
CVE-2026-53025 greybus: raw: fix use-after-free on cdev close
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...
CVE-2026-53024 greybus: raw: fix use-after-free if write is called after disconnect
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...
CVE-2026-53025
Summary of CVE-2026-53025 : The Linux kernel’s Greybus raw subsystem is affected by a use-after-free when a raw bundle is disconnected while its chardev remains open, leading to a kernel panic and potential DoS. The issue occurs because the cdev can be released after freeing memory, creating an i...
CVE-2026-53024 greybus: raw: fix use-after-free if write is called after disconnect
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...
CVE-2026-53025 greybus: raw: fix use-after-free on cdev close
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...
Astra Linux – Vulnerability in exiv2
Exiv2 is a C++ library and a command-line utility for reading, writing, deleting, and modifying Exif, IPTC, XMP, and ICC image metadata. Prior to version 0.28.8, a buffer overflow vulnerability was discovered. The vulnerability resides in the CRW image parser. This issue has been fixed in version...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, there was a heap buffer over-read vulnerability in multiple raw image format handles. This vulnerability occurred when processing images with -extract dimension...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In the inet section, RAW sockets that use IPPROTORAW must drop incoming ICMP packets. Yizhou Zhao reported that simply having a RAW socket with the protocol set to IPPROTORAW 255 was dangerous. The code example: socketAFINET,...
CVE-2026-56368
ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...
CVE-2026-56368
ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...
EUVD-2026-38755
ImageMagick before 7.1.2-15 contains a memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service...