5247 matches found
UBUNTU-CVE-2026-53232
In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...
CVE-2026-53232
In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...
EUVD-2026-39323
In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...
CVE-2026-53232
The CVE-2026-53232 entry concerns the Linux kernel net: phy component. The root cause is that on PHY probing failure, the SFP upstream is not cleaned up, leaving a dangling upstream reference on the SFP bus. Impact is potential system instability or unexpected behavior during SFP events. The issu...
CVE-2026-53232 net: phy: clean the sfp upstream if phy probing fails
In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...
CVE-2026-53232
In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...
python3.9 security update
3.9.25-7.0.1 - Remove upstream URL reference 3.9.25-7 - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-167919, RHEL-168161 3.9.25-6 - Security fix for CVE-2026-4519 Resolves: RHEL-158117 3.9.25-5 - Rebuilding previous fixes for different build target Related: RHEL-143117,...
CVE-2026-53538
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse since the CVE-2021-23336 fix treat only...
DEBIAN-CVE-2026-53537
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...
DEBIAN-CVE-2026-53538
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse since the CVE-2021-23336 fix treat only...
CVE-2026-53537
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...
CVE-2026-53538 Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse since the CVE-2021-23336 fix treat only...
CVE-2026-12032
The following flaw was identified in the Chromium browser: Inappropriate implementation Passwords. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518128953...
CVE-2026-12031
The following flaw was identified in the Chromium browser: Inappropriate implementation Views. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518045638...
CVE-2026-12028
The following flaw was identified in the Chromium browser: Use after free GPU. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517555461...
CVE-2026-12030
The following flaw was identified in the Chromium browser: Heap buffer overflow GPU. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518007423...
CVE-2026-12026
The following flaw was identified in the Chromium browser: Out of bounds read Video. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517347084...
CVE-2026-12024
The following flaw was identified in the Chromium browser: Insufficient policy enforcement DevTools. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517086161...
CVE-2026-12019
The following flaw was identified in the Chromium browser: Out of bounds write Codecs. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516872067...
Fedora 43 : kubernetes1.34 (2026-88ab77d111)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-88ab77d111 advisory. - Update to release v1.34.9 - Resolves: rhbz2467605 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...