Lucene search
K

363741 matches found

NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53316

In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in rascorerasinterruptdetected Fixes a NULL pointer dereference when rascore is NULL and rascore-dev is accessed in the error path. Reported by: Dan Carpenter...

5.5CVSS0.00145EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53300

In the Linux kernel, the following vulnerability has been resolved: net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after-free issue 1. If netcxmitntmpcmd times out and returns an error, the pending command is not explicitly aborted, while...

7.8CVSS0.00124EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53301

In the Linux kernel, the following vulnerability has been resolved: reset: amlogic: t7: Fix null reset ops Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet...

5.5CVSS0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS0.00185EPSS
Exploits0References8
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53303

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

7.1CVSS0.00172EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 8:17 p.m.5 views

CVE-2026-53306

In the Linux kernel, the following vulnerability has been resolved: tty: hvciucv: fix off-by-one in number of supported devices MAXHVCIUCVLINES == HVCALLOCTTYADAPTERS == 8. This is the number of entries in: static struct hvciucvprivate hvciucvtableMAXHVCIUCVLINES; Sometimes hvciucvtable is limite...

5.5CVSS0.00177EPSS
Exploits0References8
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53302

In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93hmacsetkey allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cradrivername e.g. "sha256-eip93" but passes...

5.5CVSS0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53305

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup /sys/bus/platform/devices/bc0000.geniqup/driver/unbind I get the following Oops: 436.478639 Unable...

5.5CVSS0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53299

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainittx If queue entry list allocation fails in airohaqdmainittxqueue routine, airohaqdmacleanuptxqueue will trigger a NULL pointer dereference accessing the queue entry...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53298

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...

0.00168EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53296

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...

0.00176EPSS
Exploits0References8
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-53292

In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...

0.00155EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53293

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g. copytouser was called while holding the lock. Then we allocated memory...

0.00168EPSS
Exploits0References5
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53294

In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a double-free occurs...

0.00177EPSS
Exploits0References8
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-53295

In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...

0.00177EPSS
Exploits0References8
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53297

In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53291

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

0.00172EPSS
Exploits0References7
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-53285

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap DCN32 phantom-plane allocation in DCRUNWITHPREEMPTIONENABLED Why dcn32validatebandwidth wraps dcn32internalvalidatebw with DCFPSTART/DCFPEND. In x86 non-RT, DCFPSTART takes fpregslock, which disables local...

0.00155EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53286

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

0.00169EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53288

In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of data, end segment may overflow into the next page of initpgend1 which is the gap page before earlyinitstack2: 1 crasharm64v9.0.1 vtop ffffffed00601000 VIRTUA...

0.00168EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53290

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

7.8CVSS0.00124EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-53287

In the Linux kernel, the following vulnerability has been resolved: audit: fix incorrect inheritable capability in CAPSET records auditlogcapset records the effective capability set into the inheritable field due to a copy-paste error. Every CAPSET audit record therefore reports cappi process...

0.00176EPSS
Exploits0References8
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53289

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in iceresetallvfs iceresetallvfs ignores the return value of icevfrebuildvsi. When the VSI rebuild fails e.g. during NVM firmware update via nvmupdate64e, icevsirebuild tears down the VSI on its...

0.00172EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 8:17 p.m.9 views

CVE-2026-53283

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53284

In the Linux kernel, the following vulnerability has been resolved: btrfs: only release the dirty pages io tree after successful writes WARNING With extra warning on dirty extent buffers at umount aka, the next patch in the series, test case generic/388 can trigger the following warning about dir...

7.5CVSS0.00432EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53282

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53279

In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktraillvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2cgetadapter and tries to read the EDID before falling back to allocating and registering its own adapter. The error handling doe...

0.00172EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-53280

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group-domain dereference in pcidevresetiommudone Local sashiko review pointed it out that group-domain could be NULL when a default domain fails to allocate during the first probe, which can crash at...

0.00155EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-52785

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a SQL injection in timestamps functionality. OpenProject baseline comparison allows callers to request historic work-package attributes using the timestamps parameter. This vulnerability is fix...

9.9CVSS0.00221EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53278

In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...

0.00155EPSS
Exploits0References2
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-53281

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...

8.8CVSS0.0012EPSS
Exploits0References6
NVD
NVD
added 2026/06/26 8:17 p.m.10 views

CVE-2026-52784

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a CSRF on TARGET through /users/:id via POST parameter "useradmin". This vulnerability is fixed in 17.3.3 and 17.4.1...

8.8CVSS0.00163EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.10 views

CVE-2026-52780

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, cache store poisoning leads to Remote Code Execution RCE. This vulnerability is fixed in 17.3.3 and 17.4.1...

9.6CVSS0.00233EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-52781

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the HTML sanitizer grants elements unrestricted data- attributes via :data wildcard. An attacker injects data-controller="poll-for-changes" into a work package description, causing Stimulus.js to mount ...

6.4CVSS0.0015EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-52783

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, OpenProject's Storages module writes the OneDrive/SharePoint userless OAuth accesstoken plaintext to Rails.cache under the deterministic key storage..httpxaccesstoken, repopulated continuously by an...

8.2CVSS0.00129EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-52782

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is an IDOR through /projects//settings/projectstorages/ via PATCH parameter "storagesprojectstorageprojectfolderid" leads to Access to Unauthorized Resources. A project-admin in one project can...

9.9CVSS0.00258EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-52779

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, a cross-project IDOR / authorization context confusion in the Calendar and Team Planner modules allows a user with management permissions in one project to delete public Calendar or Team Planner Queries...

5.4CVSS0.00185EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-49355

OpenProject is open-source, web-based project management software. Prior to 17.4.0, GET /api/v3/meetings/:meetingid/agendaitems/:agendaitemid discloses private work package data from a linked work package that belongs to a private/inaccessible project. This vulnerability is fixed in 17.4.0...

4.3CVSS0.00214EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-49991

RustFS is a distributed object storage system built in Rust. In 1.0.0-beta.4, authenticated users with only PutObject permission on their own bucket can exploit a path traversal vulnerability in the Snowball auto-extract feature to write arbitrary objects into other users' buckets, completely...

8.6CVSS0.00273EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.8 views

CVE-2026-47193

OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the journal diff endpoint discloses hidden historical field values without enforcing object and field visibility. This vulnerability is fixed in 17.3.3 and 17.4.1...

7.5CVSS0.00252EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-46386

OpenProject is open-source, web-based project management software. Prior to , the official openproject/openproject Docker image ships ENV SECRETKEYBASE=OVERWRITEME as the default Rails master key. Combined with cookiesserializer = :marshal, this gives any logged-in user a deterministic...

9.9CVSS0.00272EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-44734

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, a Missing Authorization vulnerability exists in OpenProject's CostReportsController. The rename and update actions allow any authenticated user to modify the name, filters, and grouping of any Public co...

6.5CVSS0.00231EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-44736

OpenProject is open-source, web-based project management software. Prior to 17.4.0, the GET /api/v3/relations endpoint allows any authenticated user to retrieve relations — and the subject title of work packages they have no permission to view — by supplying an arbitrary work package ID in the...

6.5CVSS0.00286EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.6 views

CVE-2026-44735

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user with the viewsharedworkpackages permission. The authorization check operates at the project level onl...

6.5CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.5 views

CVE-2026-44732

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, OpenProject exposes a document update endpoint used to modify existing documents. The target document is loaded with visibility checks and then updated. During update, attacker-controlled attributes are...

4.3CVSS0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-44733

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to chan...

5.9CVSS0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-44696

OpenProject is open-source, web-based project management software. Prior to 17.4.0, OpenProject's rich text markdown rendering pipeline uses Sanitize::Config::RELAXED:css for inline style sanitization. This configuration permits essentially all CSS properties in style attributes on permitted HTML...

5.7CVSS0.00211EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-44731

OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the web application's meetings filter feature leaks whether a given user ID corresponds to a valid account and discloses the user's full name, allowing an attacker to enumerate all existing user account...

4.3CVSS0.00186EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:16 p.m.5 views

CVE-2026-29509

Patool before 4.0.5 contains a path traversal vulnerability in the safeextract function in patoolib/programs/pytarfile.py when running on Python before 3.12, where the iswithindirectory helper uses os.path.commonprefix for character-level string comparison instead of path-level comparison, allowi...

5.4CVSS0.00285EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 8:16 p.m.6 views

CVE-2026-32833

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS0.0134EPSS
Exploits0References2
Total number of security vulnerabilities363741