Lucene search
K

1441 matches found

NVD
NVD
added yesterday3 views

CVE-2026-10673

The Zephyr ADIN2111/ADIN1110 10BASE-T1S/T1L Ethernet driver drivers/ethernet/ethadin2111.c reassembles received Ethernet frames in OPEN Alliance OA SPI mode by copying device-supplied 64-byte data chunks into a fixed static buffer ctx-buf of size CONFIGETHADIN2111BUFFERSIZE default 1524 bytes. In...

8.3CVSS
Exploits0References3
CVE
CVE
added yesterday4 views

CVE-2026-10673

The CVE-2026-10673 affects the Zephyr ADIN2111/ADIN1110 Ethernet driver (drivers/ethernet/eth_adin2111.c) in OA SPI mode. The code reassembles frames by copying device-supplied 64-byte chunks into a fixed buffer (CONFIG_ETH_ADIN2111_BUFFER_SIZE, default 1524) without verifying that the write curs...

8.3CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44746

The Zephyr ADIN2111/ADIN1110 10BASE-T1S/T1L Ethernet driver drivers/ethernet/ethadin2111.c reassembles received Ethernet frames in OPEN Alliance OA SPI mode by copying device-supplied 64-byte data chunks into a fixed static buffer ctx-buf of size CONFIGETHADIN2111BUFFERSIZE default 1524 bytes. In...

8.3CVSS6.2AI score
Exploits0References3
OSV
OSV
added yesterday4 views

USN-8547-1 linux-gcp-5.15, linux-intel-iotg-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...

9.8CVSS6.8AI score0.09796EPSS
Exploits4References66
Ubuntu
Ubuntu
added 6 days ago6 views

USN-8492-5: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
OSV
OSV
added 2026/07/02 3:49 p.m.6 views

USN-8498-1 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References298
OSV
OSV
added 2026/07/02 3:24 p.m.10 views

USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References300
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pinctrl: mcp23s08: Initialize mcp-dev and mcp-addr before regmap init Regmap initialization triggers regcachemaplepopulate which attempts SPI read to populate...

6AI score0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 5:15 p.m.10 views

USN-8493-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...

9.8CVSS6.3AI score0.09796EPSS
Exploits4References65
OSV
OSV
added 2026/07/01 4:43 p.m.11 views

USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits23References237
OSV
OSV
added 2026/07/01 1:35 p.m.3 views

SUSE-SU-2026:2722-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3registerwor...

9.8CVSS6.9AI score0.0053EPSS
Exploits0References133
CVE
CVE
added 2026/07/01 1:32 p.m.19 views

CVE-2026-53344

The CVE-2026-53344 issue in the Linux kernel affects the pinctrl driver for the mcp23s08. The root cause is that mcp->dev and mcp->addr must be initialized before regmap initialization, because regmap’s cache population via regcache_maple_populate() performs an SPI read that requires these ...

5.8AI score0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 1:32 p.m.3 views

CVE-2026-53344 pinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Initialize mcp-dev and mcp-addr before regmap init Regmap initialization triggers regcachemaplepopulate which attempts SPI read to populate cache. SPI read requires mcp-dev and mcp-addr to be set, without them,...

5.8AI score0.00145EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.8 views

SUSE SLES16: postgresql14 / postgresql14-contrib / postgresql14-devel / etc (SUSE-SU-2026:22177-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22177-1 advisory. This update for postgresql14 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References26
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fixed the lock inversion between spilock and buflock. The spidev driver previously used two mutexes, spilock and buflock, but their acquisition was done in different orders depending on the code path: - write/read:...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix the initialization of the spitransfer struct Make sure that the spitransfer struct is cleared to zero before use...

8.4CVSS5.7AI score0.00132EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin – Automated Vulnerability Discovery Engine. The len variable is calculated as min32, trans-len + 1, which includes the 1-byte command header. Whe...

6.5AI score0.00168EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.1 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad – Fixing timeout handling When the CPU on which the QSPI interrupt handler runs typically CPU 0 is excessively busy, it can lead to rare cases where the IRQ thread does not run before the transfer timeout is...

5.9AI score0.00176EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 1:20 p.m.4 views

CVE-2026-42450 OpenColorIO vulnerable to stack buffer overflow via unbounded `sscanf %s` in Spi3D (.spi3d) LUT parser

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS6AI score0.0012EPSS
Exploits0References4
OSV
OSV
added 2026/06/19 4:51 p.m.3 views

OPENSUSE-SU-2026:21102-1 Security update for postgresql14

This update for postgresql14 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

8.8CVSS6.9AI score0.00668EPSS
Exploits0References17
Rows per page
Query Builder