Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2026/02/02 2:16 p.m.5 views

CVE-2026-1760

A flaw was found in SoupServer. This HTTP request smuggling vulnerability occurs because SoupServer improperly handles requests that combine Transfer-Encoding: chunked and Connection: keep-alive headers. A remote, unauthenticated client can exploit this by sending specially crafted requests,...

5.3CVSS6.1AI score0.00423EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/02 2:16 p.m.2 views

CVE-2026-1761

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption...

8.6CVSS7.1AI score0.00947EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/02 1:15 p.m.9 views

CVE-2026-1757

A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to fr...

6.2CVSS6.1AI score0.00194EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/02 12:0 a.m.6 views

CVE-2026-1751

A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain conditions...

3.1CVSS5.7AI score0.00194EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/01 1:15 p.m.3 views

CVE-2022-50942

Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijacki...

5.4CVSS6.1AI score0.00256EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.5 views

CVE-2026-23015

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.7 views

CVE-2026-23017

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

5.5CVSS5.7AI score0.00132EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2025-71191

In the Linux kernel, the following vulnerability has been resolved: dmaengine: athdmac: fix device leak on ofdmaxlate Make sure to drop the reference taken when looking up the DMA platform device during ofdmaxlate when releasing channel resources. Note that commit 3832b78b3ec2 "dmaengine: athdmac...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2025-71182

In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...

5.5CVSS5.9AI score0.00156EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23038

In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the outscratch label without freeing the already allocated dsaddrs list, leading...

5.9AI score0.00222EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.6 views

CVE-2025-71190

In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind...

5.5CVSS5.9AI score0.00183EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.6 views

CVE-2026-23028

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...

5.7AI score0.00194EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23018

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...

5.5CVSS5.8AI score0.001EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2025-71181

In the Linux kernel, the following vulnerability has been resolved: rustbinder: remove spinlock in rustshrinkfreepage When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/listlru: split the lock to per-cgroup scope" into account, and apparently I did not end up...

5.5CVSS5.7AI score0.00102EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23029

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmeiointcdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmeiointcdestroy is not currently doing...

5.7AI score0.00194EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23036

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...

5.8AI score0.00194EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.1 views

CVE-2026-23021

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...

5.5CVSS6AI score0.00149EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2025-71188

In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2026-23034

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq-lastfence. This pointer holds an extra dmafence reference. When the queue is destroyed, we free...

5.7AI score0.00177EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23019

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlinkalloc failure devlinkalloc may return NULL on allocation failure, but presteradevlinkalloc unconditionally calls devlinkpriv on the returned pointer. This leads to a NULL...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.2 views

CVE-2025-71186

In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent i...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23020

In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortexprobe1 pdev can be null and freering: can be called in 1297 with a null pdev...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.8 views

CVE-2026-23027

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmpchpicdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmpchpicdestroy is not currently doing this...

5.7AI score0.00194EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.2 views

CVE-2025-71185

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23016

In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.5 views

CVE-2026-23037

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: allow partial RX URB allocation to succeed When es58xallocrxurbs fails to allocate the requested number of URBs but succeeds in allocating some, it returns an error code. This causes es58xopen to return early,...

5.7AI score0.00217EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2026-23030

In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchipusb2phyprobe The foreachavailablechildofnode calls ofnodeput to release childnp in each success loop. After breaking from the loop with the childnp has been released, the...

5.8AI score0.00217EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2025-71184

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2026-23031

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix URB memory leak In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor and submitted. In the complete callback gsusbreceivebulkcallback, the URB...

5.7AI score0.00197EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.2 views

CVE-2025-71180

In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQFNOTHREAD flag An IRQ handler can either be IRQFNOTHREAD or acquire spinlockt, as CONFIGPROVERAWLOCKNESTING warns: ============================= BUG: Invalid wait context 6.18.0-rc1+git... 1...

5.5CVSS5.7AI score0.00149EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.6 views

CVE-2026-23032

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...

5.7AI score0.00206EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.2 views

CVE-2026-23024

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak of flow steer list on rmmod The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Module removal with active entries causes memory leak as th...

5.5CVSS5.7AI score0.00132EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2025-71187

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures e.g. probe deferral...

5.5CVSS5.7AI score0.00157EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2026-23022

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpfvccoredeinit Make sure to free hw-lanregs. Reported by kmemleak during reset: unreferenced object 0xff1b913d02a936c0 size 96: comm "kworker/u258:14", pid 2174, jiffies 4294958305 hex dump first 32...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23025

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

7.8CVSS5.8AI score0.00184EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23039

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

5.8AI score0.00194EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.3 views

CVE-2026-23026

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2025-71183

In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename exchanging either with the rename exchange operation or regular renames in multiple non-atomic steps two inodes and at least one of them is a directory,...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2025-71189

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.4 views

CVE-2026-23035

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails. Pass netdev to mlx5edestroynetdev to guarantee it will work on a valid netdev. On...

5.7AI score0.00209EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.5 views

CVE-2026-23023

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpfvportrel Free vport-rxptypelkup in idpfvportrel to avoid leaking memory during a reset. Reported by kmemleak: unreferenced object 0xff450acac838a000 size 4096: comm "kworker/u258:5", pid 7732, jiffies...

5.5CVSS5.7AI score0.00147EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/01/31 12:16 p.m.8 views

CVE-2026-23033

In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...

5.7AI score0.00202EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/01/30 11:16 p.m.6 views

CVE-2020-37040

Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project...

8.4CVSS6.4AI score0.00188EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/01/30 11:16 p.m.4 views

CVE-2020-37038

Code Blocks 20.03 contains a denial of service vulnerability that allows attackers to crash the application by manipulating input in the FSymbols search field. Attackers can paste a large payload of 5000 repeated characters into the search field to trigger an application crash...

7.5CVSS5.9AI score0.00373EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/01/30 10:15 p.m.3 views

CVE-2025-36365

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a...

7.5CVSS5.5AI score0.00261EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/30 10:15 p.m.4 views

CVE-2025-36442

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns...

7.5CVSS5.4AI score0.00387EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/30 10:15 p.m.5 views

CVE-2025-36366

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...

6.5CVSS5.5AI score0.00355EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/30 10:15 p.m.4 views

CVE-2025-36423

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...

6.5CVSS5.4AI score0.00242EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/30 10:15 p.m.6 views

CVE-2025-36428

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled...

5.3CVSS5.4AI score0.003EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/30 10:15 p.m.4 views

CVE-2025-36009

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to excessive use of a global variable...

6.5CVSS5.5AI score0.00339EPSS
Exploits0References2
Total number of security vulnerabilities68528