CVE-2026-43060

A flaw was found in the Linux kernel's netfilter nftct component. When the nftct module is removed, packets still enqueued in the nfqueue might retain outdated references to connection tracking conntrack zone templates or timeout policies. This can lead to stale references, potentially causing...

EUVD-2026-27354

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: drop pending enqueued packets on removal Packets sitting in nfqueue might hold a reference to: - templates that specify the conntrack zone, because a percpu area is used and module removal is possible. - conntra...

CVE-2026-43060

The CVE-2026-43060 issue affects the Linux kernel netfilter component (nft_ct). When the nft_ct module is removed, packets enqueued in nfqueue may retain stale references to conntrack zone templates or timeout policies, risking instability or DoS. The root cause is references that can outlive the...

Linux Distros Unpatched Vulnerability : CVE-2026-43060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftct: drop pending enqueued packets on removal Packets sitting in nfqueue might hold a reference to: - templates that specify the conntrack zone,...

CVE-2026-3779

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

EUVD-2026-17759

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

CVE-2026-3779

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

CVE-2026-3779 Foxit PDF Editor/Reader List Box Calculate Array Use-After-Free Vulnerability

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

CVE-2026-3779

The CVE-2026-3779 entry concerns Foxit Reader/Foxit PDF Editor: a use-after-free in the list box calculate array logic, where stale references to page/form objects after deletion/re-creation can be triggered by specially crafted PDFs, potentially enabling arbitrary code execution. Cisco Talos att...

PT-2026-29439

Name of the Vulnerable Software and Affected Versions Multiple / Unspecified Products affected versions not specified Description The application's list box calculate array logic retains outdated references to page or form objects after their deletion or recreation. This allows specially crafted...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the logic of list box calculati...

EUVD-2025-175379

Directus has Improper Permission Handling on Deleted Fields...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990379)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990379 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver...

UBUNTU-CVE-2025-37986

In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Invalidate USB device pointers on partner unregistration To avoid using invalid USB device pointers after a Type-C partner disconnects, this patch clears the pointers upon partner unregistration. This ensures a...

kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

CVE-2024-35789 is a vulnerability in the Linux kernel’s Wi-Fi subsystem mac80211. It occurs when a station is moved out of a VLAN, and the VLAN is subsequently deleted. A reference to the deleted VLAN’s network device may remain, leading to a use-after-free condition. This can result in system...

kernel: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

A vulnerability was found in the Linux kernel's netfilter subsystem, related to the nftchainfilter feature. This issue occurs when a NETDEVUNREGISTER event is reported, which can leave a stale reference to a network device in the ingress basechain. If this issue is not addressed, this stale...

kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

CVE-2024-35789 is a vulnerability in the Linux kernel’s Wi-Fi subsystem mac80211. It occurs when a station is moved out of a VLAN, and the VLAN is subsequently deleted. A reference to the deleted VLAN’s network device may remain, leading to a use-after-free condition. This can result in system...

kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

CVE-2024-35789 is a vulnerability in the Linux kernel’s Wi-Fi subsystem mac80211. It occurs when a station is moved out of a VLAN, and the VLAN is subsequently deleted. A reference to the deleted VLAN’s network device may remain, leading to a use-after-free condition. This can result in system...

DEBIAN-CVE-2024-26808

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftchainfilter: handle NETDEVUNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEVUNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook...

CVE-2006-3811

Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via Javascript that leads to memory corruption, including 1...