206286 matches found
CVE-2026-53298
A flaw was found in the Linux kernel's airoha network driver. An issue with early initialization of the ndesc variable in the airohaqdmainitrxqueue routine can lead to a NULL pointer dereference during cleanup. This can result in a Denial of Service DoS condition. Additionally, improper ordering ...
CVE-2026-54285
A flaw was found in the @opentelemetry/core component of the OpenTelemetry JavaScript Client. This vulnerability allows a remote attacker to trigger uncontrolled memory allocation by sending oversized baggage HTTP headers. The system's inability to enforce size limits during inbound baggage parsi...
CVE-2026-53302
A flaw was found in the Linux kernel's cryptographic module, specifically within the EIP93 hardware accelerator driver. An error in how the system allocates resources for HMAC Keyed-Hash Message Authentication Code operations can lead to a critical system failure. When certain cryptographic...
CVE-2026-53313
A flaw was found in the Linux kernel's drm/amd/display module. This vulnerability allows for a denial of service DoS due to a NULL pointer dereference. Specifically, the dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace functions do not correctly handle a NULL dcdmubsrv pointer before...
CVE-2026-53296
A flaw was found in the Linux kernel, specifically within the mailbox-test component. This vulnerability occurs when channels are not correctly released during a probe error, leading to a memory leak and a Use-After-Free UAF condition. A Use-After-Free UAF is a memory corruption vulnerability tha...
CVE-2026-53290
A flaw was found in the Linux kernel's drm/xe/eustall component. This vulnerability occurs because the drmdevput function is called before a stream is disabled and its resources are freed within xeeustallstreamclose. This timing issue can lead to a use-after-free condition, where device structure...
CVE-2026-56766
A flaw was found in Hydra. A malicious server can exploit a stack buffer overflow vulnerability in the NTLM authentication modules by sending a specially crafted NTLM Type-2 challenge. This can lead to an overflow of a stack buffer, potentially enabling remote code execution on systems that lack...
CVE-2026-53308
A flaw was found in the Linux kernel's max77705 power supply driver. Incorrect management of workqueues and interrupt handlers during device removal can lead to a use-after-free vulnerability. This allows for the potential use of freed memory, which could result in system instability or, in certa...
CVE-2026-53286
A flaw was found in the Linux kernel. Specifically, a double free and use-after-free vulnerability exists in the idpf driver's auxiliary device error paths. This flaw occurs when auxiliarydeviceadd fails, leading to improper memory handling where memory is freed twice or accessed after being free...
CVE-2026-53291
A flaw was found in the Advanced Linux Sound Architecture ALSA hda/conexant driver within the Linux kernel. A missing error check for the sndhdajackdetectenablecallback function's return value in cxprobe can lead to a kernel crash. If the registration of the jack detection callback fails, the...
CVE-2026-53284
A flaw was found in the Linux kernel's Btrfs filesystem. A local user performing specific filesystem operations could trigger an error during the writing of dirty extent buffers. This improper handling of the dirty pages I/O tree can prevent unsubmitted records from being cleaned up, leading to...
CVE-2026-53300
A flaw was found in the Linux kernel's enetc network driver. This issue arises when the netcxmitntmpcmd function times out and returns an error, causing a DMA Direct Memory Access buffer to be prematurely freed. Subsequently, the hardware may write to the physical address of this freed buffer,...
CVE-2026-55603
A flaw was found in http-proxy-middleware. A remote attacker could exploit a vulnerability in the fixRequestBody function, which is used to re-emit a request body. By injecting carriage return and line feed characters \r\n into a request body key or value, an attacker can bypass security policies...
CVE-2026-53311
A flaw was found in the FUSE Filesystem in Userspace subsystem of the Linux kernel. An uninitialized value vulnerability exists in the fusedentryrevalidate function, where it may be called with a dentry that has an uninitialized dtime field. This can lead to unpredictable system behavior or a...
CVE-2026-53320
A flaw was found in the Linux kernel's nilfs2 filesystem. A local attacker could exploit this vulnerability by sending a specially crafted input/output control ioctl request to the nilfsioctlmarkblocksdirty function. By providing a zero block number, the attacker can bypass a critical dead block...
CVE-2026-57434
A flaw was found in Nokogiri, an open source XML and HTML library for the Ruby programming language. A remote attacker could exploit this vulnerability by calling specific methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This could lead to a NUL...
CVE-2026-57436
A flaw was found in Nokogiri, an open-source library used for processing XML and HTML documents. This vulnerability occurs due to insufficient validation when setting the document's root element, allowing a malicious document to trigger a memory error. This can lead to a heap use-after-free,...
CVE-2026-13606
A flaw was found in GraphicsMagick's Photo CD PCD decoder. A remote attacker could exploit this vulnerability by providing a specially crafted PCD file. This could lead to an out-of-bounds write, corrupting memory and potentially causing a denial of service or other unpredictable system behavior...
CVE-2026-57235
A flaw was found in Nokogiri, an XML and HTML library for Ruby. This vulnerability allows an attacker to trigger an out-of-bounds read by providing a specially crafted large negative index to certain methods. This can lead to a denial of service DoS by crashing the application on CRuby, or by...
CVE-2026-57435
A flaw was found in Nokogiri, an XML and HTML library for Ruby. This use-after-free vulnerability occurs when replacing the value of an XML attribute. If a Ruby wrapper already points to the attribute's child node, the underlying native child node can be freed while the wrapper remains accessible...
CVE-2026-53309
A flaw was found in the Linux kernel's OCFS2 Distributed Lock Manager DLM component. An off-by-one error in the dlmmatchregions function's region comparison loop causes it to read beyond the valid memory range of qrregions. This out-of-bounds read could lead to system instability or crashes...
CVE-2026-53307
A flaw was found in the Linux kernel. The pinctrl: pinconf-generic subsystem does not properly validate the 'pinmux' property. An attacker could provide an empty 'pinmux' property, which would cause the system to crash due to invalid memory access. This could lead to a denial of service...
CVE-2026-53295
A flaw was found in the Linux kernel's mailbox component. This vulnerability arises from an insufficient sanity check for the channel array. When a mailbox controller is initialized without an attached channel array, a subsequent operation can lead to a null pointer dereference, causing a kernel...
CVE-2026-53303
A flaw was found in the Linux kernel's f2fs filesystem. This vulnerability allows for potential out-of-bounds memory access or the display of stale data. It occurs because the extensionlist and related counts are read without proper synchronization, enabling a concurrent system file system sysfs...
CVE-2026-53319
A flaw was found in the Linux kernel's block writeback throttling blk-wbt component. The wbtinitenabledefault function used a warning mechanism WARNONONCE for expected failure paths during memory allocation or if writeback throttling was already registered. This could lead to spurious warnings, b...
CVE-2026-53292
A flaw was found in the Linux kernel's phonet networking subsystem. A local user could trigger a kernel panic by sending a specially crafted message, leading to a denial of service. This occurs because the pnsocketautobind function incorrectly assumes a socket is already bound when pnsocketbind...
CVE-2026-53304
A flaw was found in the Linux kernel's SCSI generic sg module. A local user could bypass the intended size restrictions for the defreservedsize module parameter. By setting this parameter to an invalid value and then attempting to open a SCSI generic device, the system can experience a soft locku...
CVE-2026-53294
A flaw was found in the Linux kernel's mailbox subsystem. This vulnerability occurs when the receive RX channel is aliased to the transmit TX channel with a different Memory-Mapped I/O MMIO and is not properly handled during the freeing of channels. This can lead to a double-free condition, which...
CVE-2026-53282
A flaw was found in the Linux kernel's kexec functionality, specifically within the purgatory code used by kexec-tools. This vulnerability occurs when the purgatory code attempts to locate a return address on the stack during a non-kjump kexec operation, but the address is not present. This can...
CVE-2026-53310
A flaw was found in the Linux kernel. This vulnerability occurs in the soc/tegra: cbb component when a fabric receives an error interrupt, causing the system to use an incorrect memory address during a target timeout lookup. This can lead to a kernel page fault, potentially resulting in a denial ...
CVE-2026-53297
A flaw was found in the Linux kernel's mana network driver. This vulnerability occurs when the manaremove function is invoked a second time without proper checks after a power management PM resume failure and subsequent driver unbinding. A local attacker could exploit this double invocation to...
CVE-2026-57964
A flaw was found in spice-vdagent. On macOS and BSD platforms, an unprivileged local user can bypass authentication by connecting to the Unix Domain Socket Client/Server UDSCS socket. This allows the unauthorized user to receive host-to-guest messages, including clipboard data and file transfers,...
CVE-2026-57966
A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not properly sanitized...
CVE-2026-57965
A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability can lead to a heap buffer overflow, causing the spice-vdagent daemon to crash and resulting in a Denial of Service DoS for the virtua...
CVE-2026-53280
A flaw was found in the Linux kernel's Input-Output Memory Management Unit IOMMU component. This vulnerability occurs when a default IOMMU domain fails to allocate during the initial probe, leading to a NULL pointer dereference. This can cause a system crash, resulting in a Denial of Service DoS...
CVE-2026-53279
A flaw was found in the Linux kernel's drm/gma500/oaktraillvds component. This issue occurs during the initialization of the Low-Voltage Differential Signaling LVDS display interface. Due to improper error handling, the system may attempt to deregister an I2C adapter that is still in use, causing...
CVE-2026-53325
A flaw was found in the Linux kernel's AMD64 AGP Accelerated Graphics Port driver. This vulnerability occurs in virtualized environments lacking a physical AMD northbridge. Due to incorrect error handling, the driver attempts to initialize without the required hardware, leading to a NULL pointer...
CVE-2026-41696
A flaw was found in Spring Data MongoDB. Repository query methods that use regular expression regex parameter binding perform insufficient validation of the bound parameter. A remote attacker can exploit this by supplying a crafted string, which could lead to breaking out of the intended regular...
CVE-2026-13023
An uninitialized use flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517080836...
CVE-2026-13031
An use after free flaw was found in the Blink component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523308824...
CVE-2026-13038
An use after free flaw was found in the Autofill component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523740781...
CVE-2026-13025
An insufficient validation of untrusted input flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518043569...
CVE-2026-13024
An insufficient validation of untrusted input flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517148260...
CVE-2026-13033
An out of bounds read flaw was found in the BlinkInterestGroups component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523677844...
CVE-2026-13032
An use after free flaw was found in the WebGL component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523591974...
CVE-2026-13026
An use after free flaw was found in the Digital Credentials component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519728279...
CVE-2026-13027
An use after free flaw was found in the FileSystem component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520543781...
CVE-2026-13283
An use after free flaw was found in the AdFilter component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=522561151...
CVE-2026-13281
An integer overflow flaw was found in the Mojo component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513138301...
CVE-2026-13282
An use after free flaw was found in the Payments component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517522620...