Lucene search
+L
RedhatcveRecent

206713 matches found

redhatcve
redhatcve
•added 2026/05/28 9:8 p.m.•10 views

CVE-2026-46222

A flaw was found in the Linux kernel, specifically within the rockchip: rkcif media driver. This vulnerability occurs because the driver's pads do not properly check for connected devices, which can lead to a null pointer dereference when a media stream is enabled. A local attacker could exploit...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:8 p.m.•12 views

CVE-2026-46221

A flaw was found in the Linux kernel's EDAC/versalnet component. A memory leak occurs because the device name, allocated during initialization, is not properly freed. Over time, this unreleased memory could lead to resource exhaustion, potentially impacting system stability and availability...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:8 p.m.•12 views

CVE-2026-46226

A flaw was found in the Linux kernel's spi: fsl driver. This vulnerability arises from improper sequencing of controller deregistration before releasing underlying resources, such as Direct Memory Access DMA, during the driver unbind process. This could potentially lead to system instability or a...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:8 p.m.•9 views

CVE-2026-46225

In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...

5.5CVSS5.2AI score0.00119EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:8 p.m.•12 views

CVE-2026-46229

A flaw was found in the Linux kernel's drm/amdkfd component. This vulnerability arises because VRAM Video Random Access Memory allocations for the KFD Kernel Fusion Driver path do not properly clear previously used memory. This oversight allows a local attacker, utilizing a compute kernel, to...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:8 p.m.•10 views

CVE-2026-46228

A flaw was found in the Linux kernel, specifically within the spi: ch341 driver. This vulnerability arises from incorrect management of device resources devres lifetime. When a Universal Serial Bus USB driver is unbound, the associated resources are not properly released, which can lead to memory...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:8 p.m.•12 views

CVE-2026-46232

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. A malicious device could provide an excessively large number of touch reports, leading to an out-of-bounds read in the dualshock4parsereport function. This could allow an attacker to read up to 2 KiB of kernel...

8.1CVSS5.7AI score0.00258EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•9 views

CVE-2026-46231

A flaw was found in the Linux kernel's batman-adv Better Approach To Mobile Ad-hoc Networking - Advanced Basic Link Arbitration BLA module. When the batadvblaaddclaim function fails to insert a new claim into the hash, it leaks a reference to the backbonegw object. This resource leak can accumula...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•15 views

CVE-2026-46233

A flaw was found in the Linux kernel's batman-adv module. This vulnerability allows a local attacker to trigger a NULL-pointer dereference within the batadvblapurgeclaims function. This issue arises from a timing conflict when a claim is being released simultaneously, causing a critical pointer t...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•11 views

CVE-2026-46230

A flaw was found in the Linux kernel's drm/amdgpu/vcn3 component. This vulnerability, an Out-of-Bounds OOB read, occurs when parsing decoder messages without proper boundary checks. A local attacker could potentially exploit this to read sensitive information from memory or cause system...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•12 views

CVE-2026-46237

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit db00257ac9e4a51eb2515aaea161a019f7125e10...

5.8AI score0.00013EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•13 views

CVE-2026-46236

A flaw was found in the Linux kernel's media: rc: xboxremote driver. This vulnerability arises from incorrect handling of Direct Memory Access DMA buffers, where the buffer for I/O operations is improperly part of the device structure. This violation of DMA coherency rules could lead to data...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•12 views

CVE-2026-46235

A flaw was found in the saa7164 media driver in the Linux kernel. This vulnerability occurs due to missing return value checks for ioremap calls within the saa7164devsetup function. If ioremap fails for BAR0 or BAR2, it can lead to null pointer dereferences and improper cleanup of PCI memory...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•16 views

CVE-2026-46241

A flaw was found in the Linux kernel's spi: mpc52xx component. This use-after-free vulnerability occurs when the controller registration fails. An attacker could potentially exploit this flaw to cause a system crash or lead to a resource leak, impacting system stability and availability...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:7 p.m.•14 views

CVE-2026-46240

A flaw was found in the Linux kernel, specifically within the media: iris driver. This vulnerability, a use-after-free, occurs when a buffer is prematurely freed by sessionreleasebuf while irisreleaseinternalbuffers continues to access it. This improper handling of memory can lead to system...

7.8CVSS6.2AI score0.00124EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 9:0 p.m.•13 views

CVE-2025-71305

A flaw was found in the Linux kernel's DisplayPort Multi-Stream Transport MST subsystem. When a DisplayPort 2.1 monitor is disconnected, a timing issue can cause the Virtual Channel Packet Interval VCPI value to become zero. Subsequent operations attempting to use this zero value in a bit shift c...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:50 p.m.•13 views

CVE-2026-46015

A flaw was found in the Linux kernel's TCP networking subsystem. When an established network connection is migrated between listener sockets within the same SOREUSEPORT group, applications waiting for new connections may not be properly notified. This can cause poll, epollwait, and blocking accep...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:50 p.m.•11 views

CVE-2026-46012

A flaw was found in the Linux kernel's rxrpc subsystem. The rxkadverifyresponse function, which handles verification of responses, did not consistently release allocated memory. This oversight could lead to a memory leak, potentially causing system instability and a denial of service DoS over tim...

6.5CVSS5.8AI score0.00122EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:50 p.m.•16 views

CVE-2026-46094

A flaw was found in the Linux kernel's ext4 filesystem, specifically in the checkxattrs function. A local attacker could exploit a bounds check error, allowing an out-of-bounds read when processing extended attributes xattrs. This could lead to memory corruption, potentially causing a denial of...

7.1CVSS5.8AI score0.00125EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:48 p.m.•13 views

CVE-2026-46104

A flaw was found in the Linux kernel's SELinux Security-Enhanced Linux socket permission helpers. In configurations where multiple Linux Security Modules LSMs are active, the system may incorrectly access socket security data. This can lead to invalid security identifiers SIDs and class values...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:48 p.m.•16 views

CVE-2026-46105

A flaw was found in the mpt3sas driver within the Linux kernel. This vulnerability allows for oversized Non-Volatile Memory Express NVMe input/output I/O operations due to improper size limitations. An attacker or a malicious NVMe device could exploit this by issuing I/O requests that exceed the...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:35 p.m.•13 views

CVE-2026-46106

A flaw was found in the Linux kernel's eventfs component. This vulnerability allows a local attacker to trigger a race condition during remount operations. By exploiting insufficient locking mechanisms when processing event descriptors, an attacker can cause memory corruption, leading to a denial...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:33 p.m.•12 views

CVE-2026-46107

A flaw was found in the Linux kernel's Device Mapper dm-thin component. This vulnerability, a metadata reference count underflow, occurs in the rebalancechildren function. When an internal btree node with a single entry is shared, the system incorrectly tracks the usage of child nodes. This can...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:22 p.m.•12 views

CVE-2026-46111

A flaw was found in the Linux kernel's Bluetooth subsystem. The createbigcomplete function, when handling errors during the creation of a Bluetooth Isochronous Group BIG synchronization, could attempt to access memory that has already been freed. This use-after-free UAF vulnerability could allow ...

7.8CVSS6AI score0.00125EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:22 p.m.•22 views

CVE-2026-46113

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:21 p.m.•15 views

CVE-2026-46115

A flaw was found in the Linux kernel's block subsystem. The biovecphysmergeable function, which combines physically contiguous memory segments, lacked a check to ensure these segments belonged to the same device page map devpagemap. This omission could result in the incorrect identification of th...

9.8CVSS5.8AI score0.00491EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:21 p.m.•15 views

CVE-2026-46114

A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access subsystem, specifically within the rxe driver. A remote attacker could exploit this vulnerability by sending a specially crafted ATOMICWRITE request with a zero-byte payload. This improper handling of non-8-byte ATOMICWRITE...

7.5CVSS5.8AI score0.00467EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:20 p.m.•11 views

CVE-2026-46119

A flaw was found in the Linux kernel's libceph component. A remote attacker could exploit this vulnerability by sending a specially crafted CEPHMSGAUTHREPLY message. When the message's result field contains a positive value, it can be misinterpreted as a buffer size, leading to a slab-out-of-boun...

9.1CVSS5.9AI score0.00525EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:20 p.m.•15 views

CVE-2026-46121

A flaw was found in the Linux kernel's DAMON Data Access MONitor sysfs interface. A race condition exists between read and write operations on the memcgpath and path files. This allows a local attacker, by performing concurrent reads and writes with separate file handles, to trigger a...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/28 8:20 p.m.•16 views

CVE-2026-9126

An use after free flaw was found in the DOM component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496280532...

8.8CVSS5.7AI score0.00396EPSS
Exploits0References5
redhatcve
redhatcve
•added 2026/05/28 8:20 p.m.•15 views

CVE-2026-9124

An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496375695...

6.8CVSS5.7AI score0.00261EPSS
Exploits0References5
redhatcve
redhatcve
•added 2026/05/28 8:20 p.m.•18 views

CVE-2026-9123

A heap buffer overflow flaw was found in the Chromecast component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495988507...

7.8CVSS5.9AI score0.00187EPSS
Exploits0References5
redhatcve
redhatcve
•added 2026/05/28 8:20 p.m.•20 views

CVE-2026-9122

An out of bounds read flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489579953...

6.5CVSS5.7AI score0.00269EPSS
Exploits0References5
redhatcve
redhatcve
•added 2026/05/28 8:19 p.m.•18 views

CVE-2026-9121

An out of bounds read flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=488064108...

8.8CVSS5.7AI score0.0033EPSS
Exploits0References5
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•11 views

CVE-2026-9712

When creating an export through the pretix API, API clients are returned an UUID value for their export job a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...

7CVSS5.8AI score0.00219EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•15 views

CVE-2026-9607

A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcellist.php. Performing a manipulation of the argument s results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•13 views

CVE-2026-9583

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

5.3CVSS5.5AI score0.00242EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•13 views

CVE-2026-9498

A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...

6.5CVSS6.2AI score0.00295EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•13 views

CVE-2026-9531

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.4AI score0.01803EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•14 views

CVE-2026-9446

A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/editcustomer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed t...

5.8CVSS5.7AI score0.00258EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•15 views

CVE-2026-9440

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulation of the argument submit-url leads to command injection. It is possible to launch the attack...

6.5CVSS6.5AI score0.01364EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•12 views

CVE-2026-9464

A vulnerability has been found in YunaiV yudao-cloud 2026.03. This affects the function IotDataSinkHttpConfig of the file /admin-api/iot/data-sink/create of the component Admin API Endpoint. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit h...

5.8CVSS5.4AI score0.0036EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•19 views

CVE-2026-9511

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.01057EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•12 views

CVE-2026-38930

OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication bypass in the /template/default/menu.php component. This vulnerability is exploited via injecting a crafted SQL payload into the name cookie parameter...

6.5CVSS5.9AI score0.0025EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•12 views

CVE-2026-9542

A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/addstaff.php. Executing a manipulation of the argument emailid can lead to sql injection. The attack can be launched remotely. The exploit has been made availabl...

6.5CVSS6.5AI score0.00196EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•13 views

CVE-2026-46740

Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Version 0.06 changes the module from being a stats...

5.3CVSS5.8AI score0.00326EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•14 views

CVE-2026-37713

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

7.3CVSS6.2AI score0.00384EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•11 views

CVE-2026-7876

IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19 is affected by an authentication bypass vulnerability. A transfer client may be able to take advantage of this vulnerability to access files in the server's local storage that they should not have access to, when specific restriction settings are not ...

9.1CVSS5.5AI score0.00312EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•15 views

CVE-2026-38807

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

8.8CVSS5.8AI score0.00341EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/28 8:13 p.m.•13 views

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

7.3CVSS6.2AI score0.00384EPSS
Exploits0References1
Total number of security vulnerabilities206713