VYPR

CVEs

345,015 total · page 18 of 6,901

  • CVE-2026-14324modJul 1, 2026
    risk 0.42cvss 6.5epss 0.00

    pipewire: RAOP RTSP NULL Deref

  • CVE-2026-14330modJul 1, 2026
    risk 0.36cvss 5.5epss 0.00

    pipewire: Pulse Server alloca Stack Overflow

  • CVE-2026-53326lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: debugobjects: Don't call fill_pool() in early boot hardirq context

  • CVE-2026-53327lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: debugobjects: Do not fill_pool() if pi_blocked_on

  • CVE-2026-53328Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: sched_ext: Don't warn on NULL cgrp_moving_from in scx_cgroup_move_task()

  • CVE-2026-53329Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: drm/amd/display: Use krealloc_array() in dal_vector_reserve()

  • CVE-2026-53330Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: drm/amd/display: Fix out-of-bounds read in dp_get_eq_aux_rd_interval()

  • CVE-2026-53331modJul 1, 2026
    risk 0.19cvss epss 0.00

    kernel: slimbus: qcom-ngd-ctrl: Avoid ABBA on tx_lock/ctrl->lock

  • CVE-2026-53332Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd

  • CVE-2026-53333lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: mm/mincore: handle non-swap entries before !CONFIG_SWAP guard

  • CVE-2026-53334Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: mm/damon/reclaim: handle ctx allocation failure

  • CVE-2026-53335Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: mm/damon/lru_sort: handle ctx allocation failure

  • CVE-2026-53336Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: nvmem: layouts: onie-tlv: fix hang on unknown types

  • CVE-2026-53337lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: net: bonding: fix NULL pointer dereference in bond_do_ioctl()

  • CVE-2026-53338Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: net: airoha: Add NULL check for of_reserved_mem_lookup() in airoha_qdma_init_hfwd_queues()

  • CVE-2026-53339lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()

  • CVE-2026-53340lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM

  • CVE-2026-53341modJul 1, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: fhandle: fix UAF due to unlocked ->mnt_ns read in may_decode_fh()

  • CVE-2026-53342modJul 1, 2026
    risk 0.19cvss epss 0.00

    kernel: arm64: mm: call pagetable dtor when freeing hot-removed page tables

  • CVE-2026-53343Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow

  • CVE-2026-53344modJul 1, 2026
    risk 0.19cvss epss 0.00

    kernel: pinctrl: mcp23s08: Initialize mcp->dev and mcp->addr before regmap init

  • CVE-2026-53345Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying

  • CVE-2026-53347lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: drm/virtio: Fix driver removal with disabled KMS

  • CVE-2026-53348lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: ASoC: SDCA: fix NULL pointer dereference in sdca_dev_unregister_functions

  • CVE-2026-53349modJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: nf_conntrack: destroy stale expectfn expectations on unregister

  • CVE-2026-53350lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: ASoC: wm_adsp: Fix NULL dereference when removing firmware controls

  • CVE-2026-53351Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: riscv/ptrace: Use USER_REGSET_NOTE_TYPE for REGSET_CFI

  • CVE-2026-53352lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: signal: clear JOBCTL_PENDING_MASK for caller in zap_other_threads()

  • CVE-2026-53353lowJul 1, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: hsr: Remove WARN_ONCE() in hsr_addr_is_self()

  • CVE-2026-53354modJul 1, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: arm64: errata: Mitigate TLBI errata on various Arm CPUs

  • CVE-2026-53355modJul 1, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: net: rds: clear i_sends on setup unwind

  • CVE-2026-53356Jul 1, 2026
    risk 0.00cvss epss 0.00

    kernel: drm/i915/gem: Fix phys BO pread/pwrite with offset

  • CVE-2026-54672impJun 30, 2026
    risk 0.40cvss 7.3epss 0.00

    electron-updater: app-builder-lib: Electron-updater: Arbitrary code execution through AppImage library loading vulnerability

  • CVE-2026-54673modJun 30, 2026
    risk 0.35cvss 6.5epss 0.00

    electron-updater: electron-builder: Electron-updater: Information disclosure via unstripped credential headers during HTTP redirects

  • CVE-2026-58371lowJun 30, 2026
    risk 0.13cvss 3.1epss 0.00

    github.com/seaweedfs/seaweedfs: SeaweedFS: Information disclosure via unvalidated JSONP callback parameter

  • CVE-2026-13455modJun 30, 2026
    risk 0.21cvss 4.3epss 0.00

    postgresql_anonymizer: PostgreSQL Anonymizer: Information Disclosure via brute-force attack on hash function

  • CVE-2026-53433modJun 30, 2026
    risk 0.42cvss 7.5epss 0.00

    fzf: fzf: Denial of Service via inefficient HTTP body processing

  • CVE-2026-53432modJun 30, 2026
    risk 0.26cvss 5.0epss 0.00

    github.com/junegunn/fzf: fzf: Denial of Service via Integer Overflow in FuzzyMatchV2 function

  • CVE-2026-12388modJun 30, 2026
    risk 0.42cvss 6.5epss 0.00

    keycloak-broker: Keycloak: Privilege escalation to realm administrator via improper authorization in identity provider mapper

  • CVE-2026-14209modJun 30, 2026
    risk 0.28cvss 4.3epss 0.00

    keycloak-admin-ui: keycloak-admin-ui: Keycloak: Admin UI extension brute-force-user endpoint bypasses FGAPv2 user view restrictions

  • CVE-2026-49434impJun 30, 2026
    risk 0.42cvss 7.6epss 0.01

    org.apache.activemq/activemq-broker: org.apache.activemq/activemq-core: org.apache.activemq/activemq-all: Apache ActiveMQ: Unauthorized broker instantiation via improper input validation in LDAP entries

  • CVE-2026-49432impJun 30, 2026
    risk 0.42cvss 7.5epss 0.01

    org.apache.activemq/activemq: org.apache.activemq/activemq-all: org.apache.activemq/activemq-stomp: Apache ActiveMQ: Denial of Service via improper input validation in STOMP connector

  • CVE-2026-50734impJun 30, 2026
    risk 0.42cvss 7.5epss 0.01

    Apache ActiveMQ Client: Apache ActiveMQ: Apache ActiveMQ All: Apache ActiveMQ: Denial of Service via crafted WireFormatInfo frame

  • CVE-2026-50750impJun 30, 2026
    risk 0.49cvss 7.5epss 0.01

    activemq: Apache ActiveMQ: Denial of Service via repeated BrokerInfo commands

  • CVE-2026-53916impJun 30, 2026
    risk 0.42cvss 7.5epss 0.01

    Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec

  • CVE-2026-53917modJun 30, 2026
    risk 0.35cvss 6.5epss 0.01

    activemq: activemq-all: activemq-client: activemq-broker: Apache ActiveMQ: Denial of Service via crafted OpenWire Message

  • CVE-2026-54475impJun 30, 2026
    risk 0.46cvss 8.2epss 0.01

    org.apache.activemq/activemq-broker: org.apache.activemq/activemq-all: org.apache.activemq/activemq: Apache ActiveMQ: Information disclosure due to broken temporary destination isolation

  • CVE-2026-13523Jun 30, 2026
    risk 0.00cvss epss 0.00

    A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been…

  • CVE-2026-58302Jun 30, 2026
    risk 0.00cvss epss 0.00

    rtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen() by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an…

  • CVE-2026-13601Jun 30, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in Yelp due to an overly permissive Content Security Policy (CSP) implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG…