241870 matches found
EUVD-2024-55601
IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system...
CVE-2024-56462 IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system...
CVE-2024-56462
IBM QRadar SIEM 7.5.0 to 7.5.0 UP15 Interim Fix 002 contains a vulnerability where a privileged user can upload a malicious backup archive, which could be restored to gain access to the underlying operating system. Affected versions: 7.5.0 through UP15 IF002. Root cause and exact remediation are ...
CVE-2026-39827 vulnerabilities
Vulnerabilities for packages: rancher, kine, buildkitd, nerdctl, trivy-operator, chisel, opentelemetry-collector, cert-manager, rancher-agent, cilium-cli, kubernetes-dashboard, kyverno, gatus, istio, docker-machine-driver-harvester, flux-image-automation-controller, teleport, osv-scanner, dagger,...
CVE-2026-46595 vulnerabilities
Vulnerabilities for packages: trivy, backup-restore-operator, coder-fips, reports-server, loki, kubescape-server, knative-serving-fips, aactl, kaf, kube-state-metrics, gitea, external-dns, flux-fips, kubescape, calico-fips, snyk-cli, seaweedfs-rocksdb, argocd-image-updater, argo-workflows-fips,...
CVE-2026-39829 vulnerabilities
Vulnerabilities for packages: crossplane-provider-azure-notificationhubs, trivy, backup-restore-operator, coder-fips, crossplane-provider-azure-streamanalytics, reports-server, nuclei, caddy, crossplane-provider-azure-managedidentity, fulcio, ko, loki, step-issuer, terragrunt, atlantis,...
MAL-2026-4833 Malicious code in bulletproof-json (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00849bd08fa4e9ebb1877039ab1ff287fd0ab89a683a45229176f717b6db1e9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2026-32483
In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...
CVE-2026-46100 fs: afs: revert mmap_prepare() change
In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...
CVE-2026-46100
In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...
CVE-2026-46095
In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmapstatemachine in both llbitmapstartwrite and llbitmapstartdiscard. This ensures the barrier is in place before a...
CVE-2026-46094
Summary: CVE-2026-46094 affects the Linux kernel’s ext4 xattr handling. The vulnerability stems from an out-of-bounds read in check_xattrs() where the next xattr entry could be advanced to end-1, allowing IS_LAST_ENTRY() to read 4 bytes starting at end-1. The fix changes the bounds check to ensur...
CVE-2026-46086
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by fdbdeletelocal, which updates f-dst to another port or to NULL while keeping the entry alive. Several bridge RCU readers...
CVE-2026-46083
In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup if spisetup fails while registering a device to avoid leaking any resources allocated by setup...
CVE-2026-46080
In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via following call trace: ocfs2dioendiowrite ocfs2markextentwritten ocfs2changeextentflag ocfs2splitexte...
CVE-2026-46066
In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...
CVE-2026-46060
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...
SUSE CVE-2026-48852
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...
CVE-2026-46046 ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse in ext4xattrinodedecrefall The commit c8e008b60492 "ext4: ignore xattrs past end" introduced a refcount leak in when blockcsum is false. ext4xattrinodedecrefall calls ext4getinodeloc to get iloc.bh, but...
CVE-2026-46021
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If thermalzonedeviceregisterwithtrips fails after adding a thermal governor to the thermal zone being registered, the governor is not removed from it as appropriate which ma...