VYPR

CVEs

345,016 total · page 21 of 6,901

  • CVE-2026-53313Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths In dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace(). Both functions check: if (!dc_dmub_srv || !dc_dmub_srv->dmub) …

  • CVE-2026-53323Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops DSA replaces the conduit (master) device's ethtool_ops with its own wrappers that aggregate stats from both the conduit and DSA switch…

  • CVE-2026-53291Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cx_probe(), the return value of snd_hda_jack_detect_enable_callback() is ignored. This function returns a pointer, and if it fails (e.g., due…

  • CVE-2026-53301Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: reset: amlogic: t7: Fix null reset ops Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet.

  • CVE-2026-53322Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_cleanup() before the function is disabled via vfio_pci_core_disable(). This…

  • CVE-2026-53289Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_reset_all_vfs() ice_reset_all_vfs() ignores the return value of ice_vf_rebuild_vsi(). When the VSI rebuild fails (e.g. during NVM firmware update via nvmupdate64e),…

  • CVE-2026-53294Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be handled when freeing the channels otherwise a…

  • CVE-2026-53308Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove(), because the…

  • CVE-2026-53280Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iommu: Fix NULL group->domain dereference in pci_dev_reset_iommu_done() Local sashiko review pointed it out that group->domain could be NULL when a default domain fails to allocate during the first probe,…

  • CVE-2026-53286Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliary_device_add() fails in idpf_plug_vport_aux_dev() or idpf_plug_core_aux_dev(), the err_aux_dev_add label calls…

  • CVE-2026-53292Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind syzbot reported a kernel BUG triggered from pn_socket_sendmsg() via pn_socket_autobind(): kernel BUG at net/phonet/socket.c:213! RIP:…

  • CVE-2026-53317Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a…

  • CVE-2026-53281Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d ("iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE") fixed a NULL pointer dereference in an unlikely situation partly. If…

  • CVE-2026-53279Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/gma500/oaktrail_lvds: fix hang on init failure The LVDS init code looks up an I2C adapter using i2c_get_adapter() and tries to read the EDID before falling back to allocating and registering its own…

  • CVE-2026-53302Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93_hmac_setkey() allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cra_driver_name (e.g.…

  • CVE-2026-53298Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airoha_qdma_init_rx_queue() If queue entry or DMA descriptor list allocation fails in airoha_qdma_init_rx_queue routine, airoha_qdma_cleanup() will trigger a…

  • CVE-2026-53290Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drm_dev_put called before stream disable in close In xe_eu_stall_stream_close(), drm_dev_put() is called before the stream is disabled and its resources are freed. If this drops the last…

  • CVE-2026-53318Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_tx_check_aggr() Move the NULL check for 'sta' before dereferencing it to prevent a possible crash.

  • CVE-2026-53321Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring/napi: cap busy_poll_to 10 msec Currently there's no cap on the maximum amount of time that napi is allowed to poll if no events are found, which can lead to kernel complaints on a task being stuck as…

  • CVE-2026-53304Jun 27, 2026
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter def_reserved_size defines the default buffer size reserved for each Sg_fd and should be restricted to a range between 0 and 1,048,576…

  • CVE-2026-54753modJun 26, 2026
    risk 0.31cvss 5.9epss 0.01

    Nx: Nx: `nx graph` dev server permissive CORS policy

  • CVE-2026-48090modJun 26, 2026
    risk 0.19cvss epss 0.01

    Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)

  • CVE-2026-47220impJun 26, 2026
    risk 0.42cvss 7.5epss 0.01

    envoy: Envoy: Denial of Service via missing host header in specific logging configurations

  • CVE-2026-47205modJun 26, 2026
    risk 0.19cvss epss 0.00

    Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides

  • CVE-2026-47692modJun 26, 2026
    risk 0.24cvss 4.8epss 0.00

    envoy: Envoy: PROXY Protocol v2 header generator emits "skipped" TLVs, causing 65 KB attacker-controlled spillover into the upstream application stream

  • CVE-2026-48706modJun 26, 2026
    risk 0.38cvss 5.9epss 0.01

    envoy: Envoy Heap Buffer Overflow in TcpStatsdSink

  • CVE-2026-47204modJun 26, 2026
    risk 0.35cvss 6.5epss 0.00

    envoy: Envoy: Denial of Service via Connect protocol request

  • CVE-2026-47221modJun 26, 2026
    risk 0.31cvss 5.9epss 0.00

    envoy: Envoy: Null pointer deref in internal redirects

  • CVE-2026-48743impJun 26, 2026
    risk 0.42cvss 7.5epss 0.00

    envoy: Envoy: Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translation

  • CVE-2026-48044impJun 26, 2026
    risk 0.42cvss 7.5epss 0.00

    Envoy: Envoy: Denial of Service via specially crafted zstd payload

  • CVE-2026-48042impJun 26, 2026
    risk 0.42cvss 7.5epss 0.01

    envoy: Envoy: Denial of Service via deeply nested JSON objects

  • CVE-2026-47778modJun 26, 2026
    risk 0.22cvss 4.4epss 0.00

    envoy: Envoy: Information disclosure via malicious certificate with NUL byte in DNS Subject Alternative Name (SAN)

  • CVE-2026-5757impJun 26, 2026
    risk 0.49cvss 7.5epss 0.01

    Ollama: There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine

  • CVE-2026-57915impJun 26, 2026
    risk 0.47cvss 7.3epss 0.00

    Apache Kerby: org.apache.kerby/kerb-server: Apache Kerby: Kerberos pre-authentication bypass via unrecognized PA-DATA

  • CVE-2026-57914modJun 26, 2026
    risk 0.42cvss 6.5epss 0.00

    apache-kerby: org.apache.kerby/kerby-asn1: Apache Kerby: Denial of Service via deeply nested ASN.1 structure

  • CVE-2026-13325modJun 26, 2026
    risk 0.55cvss 8.5epss 0.00

    virt-handler-rhel9: kubevirt: kubevirt: DisableTLS migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces

  • CVE-2026-40941Jun 26, 2026
    risk 0.00cvss epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31.

  • CVE-2026-40084Jun 26, 2026
    risk 0.00cvss epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report format_file Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage (stored injection),…

  • CVE-2026-40082Jun 26, 2026
    risk 0.00cvss epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate_id() after login, leading to Session Fixation. session_regenerate_id() is NOT called after successful login. The login flow at auth_login.php:203-207…

  • CVE-2026-40080Jun 26, 2026
    risk 0.00cvss epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring check rather than a host check at str_contains($referer, CACTI_PATH_URL). When the user's login_opts == '1' (redirect to referer…

  • CVE-2026-40083Jun 26, 2026
    risk 0.00cvss epss 0.00

    Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assigns $selected_items by calling…

  • CVE-2026-55958Jun 26, 2026
    risk 0.00cvss epss 0.00

    Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsip_StoreMessage() the capacity check guarding the fixed message bag (MSGBAG_SIZE) sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once…

  • CVE-2026-7532Jun 26, 2026
    risk 0.00cvss epss 0.00

    iPAddress name constraints bypass when WOLFSSL_IP_ALT_NAME is not defined. IP address name constraints are not enforced in that configuration, allowing a certificate to bypass an issuing CA's IP address constraints.

  • CVE-2026-6450Jun 26, 2026
    risk 0.00cvss epss 0.00

    A CRL critical extension bypass exists in ParseCRL_Extensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted…

  • CVE-2026-55962Jun 26, 2026
    risk 0.00cvss epss 0.00

    TLS 1.3 post-handshake authentication (PHA) issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the…

  • CVE-2026-7531Jun 26, 2026
    risk 0.00cvss epss 0.00

    Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 (released in 5.9.1): a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory.

  • CVE-2026-6681Jun 26, 2026
    risk 0.00cvss epss 0.00

    The PKCS#7 decode path ignores the caller-supplied output buffer size (outputSz), allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release.

  • CVE-2026-6330Jun 26, 2026
    risk 0.00cvss epss 0.00

    The ML-KEM ARM64 NEON ciphertext comparison only compares half of the input, breaking the Fujisaki-Okamoto transform's implicit rejection and weakening IND-CCA2 security on that code path. The constant-time comparison effectively ignored part of the re-encrypted ciphertext, so a…

  • CVE-2026-6412Jun 26, 2026
    risk 0.00cvss epss 0.00

    Certificate policy and RFC 8446 compliance concerns regarding the continued acceptance of SHA-1/MD5 in certificate processing.

  • CVE-2026-55960Jun 26, 2026
    risk 0.00cvss epss 0.00

    Un-negotiated Raw Public Key (RFC 7250) accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative() accepts it without performing any trust verification; it must therefore only be accepted when RPK was actually…