21461 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a redundant cssput call in the schedext module’s scxcgroupinit function. This vulnerability may...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficiently releasing syncobj and timeline fence references when the output array size is smal...
PT-2026-39036
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A device leak occurs in the net: mctp component during a probe failure. The driver takes a reference to the USB device during the probe process but fails to release it when the probe...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the ublkctrlsetsize function does not check whether ub-ubdisk is NULL, potentially leadin...
PT-2026-38994
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An unbalanced reference count occurs in the f subset USB gadget driver. The geth alloc function increments the reference count, but the geth free function fails to decrement it. This iss...
PT-2026-39016
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A power management PM runtime leak exists in the bh1780 light sensor driver. The issue occurs because the pm runtime put autosuspend function is not called on the error path following a ...
PT-2026-39060
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference leak exists in the amdgpu userq wait ioctl function. The issue occurs when the ioctl is aborted because the output array is too small, failing to drop references to the synco...
PT-2026-39152
MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the serial CAIF component not properly holding the tty-link reference during operations like...
CVE-2024-30167
CVE-2024-30167 affects Atlona AT-OME-MS42 Matrix Switcher (version 1.1.2). The vulnerability arises in /cgi-bin/time.cgi where a POST containing a serverName parameter allows remote authenticated users to execute arbitrary commands as root. Documented impact: arbitrary code execution with root pr...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a reference leak during PM runtime on an incorrect path. This could lead to the reference count...
PT-2026-39221
Name of the Vulnerable Software and Affected Versions AnythingLLM versions prior to 1.12.1 Description An insecure direct object reference IDOR exists in the text-to-speech endpoint. The endpoint "/api/workspace/:slug/tts/:chatId" validates workspace membership but fails to enforce ownership of t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by the use of the runonedelayedref function for an unexpected delayed reference type. This vulnerability...
Mozilla Thunderbird < 140.10.2
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.10.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-44 advisory. - Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2,...
Linux Distros Unpatched Vulnerability : CVE-2026-43465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls...
PT-2026-39056
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the xe sync entry parse function fails during parsing. The function may allocate references for syncobj, fence, chain fence, or user fence...
Mapserver 安全漏洞
Mapserver is an open-source platform developed by the Open Geospatial Foundation, designed for publishing spatial data and interactive map applications to the web. Vulnerabilities existed in MapServer versions from 6.0 to 8.6.2. These vulnerabilities stemmed from the combination of the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the gethfree function in the USB gadget subset not decrementing the reference count. As a result,...
Linux Distros Unpatched Vulnerability : CVE-2026-43395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before...
CVE-2026-34327
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network...