Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-43375 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and…
CVE-2026-43374 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in remove_nh_grp_entry When removing a nexthop from a group, remove_nh_grp_entry() publishes the new…
CVE-2026-43373 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: ncsi: fix skb leak in error paths Early return paths in NCSI RX and AEN handlers fail…
CVE-2026-43372 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If request_threaded_irq() fails during the PTP message IRQ…
CVE-2026-43371 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on…
CVE-2026-43370 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm->process_info assignment with cmpxchg() to prevent race when parent/child…
CVE-2026-43369 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block…
CVE-2026-43368 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential overflow of shmem scatterlist length When a scatterlists table of a GEM shmem object of…
CVE-2026-43367 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix a few more NULL pointer dereference in device cleanup I found a few more paths that…
CVE-2026-43366 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer…
CVE-2026-43365 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized l_iclog_roundoff values If the superblock doesn't list a log stripe unit, we set the incore…
CVE-2026-43364 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublk_ctrl_set_size() ublk_ctrl_set_size() unconditionally dereferences ub->ub_disk via set_capacity_and_notify() without checking if it is…
CVE-2026-43363 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic…
CVE-2026-43362 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2_write() SMB2_write() places write payload in iov[1..n] as part of rq_iov.…
CVE-2026-43361 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotting…
CVE-2026-43360 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on file creation due to name hash collision If we attempt to create several…
CVE-2026-43359 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails…
CVE-2026-43358 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in try_release_subpage_extent_buffer() Call rcu_read_lock() before exiting the loop in try_release_subpage_extent_buffer()…
CVE-2026-43357 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050-core: fix pm_runtime error handling The return value of pm_runtime_get_sync() is not checked, allowing the driver…
CVE-2026-43356 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis: Fix NULL pointer dereference in adis_init The adis_init() function dereferences adis->ops to check if the…
CVE-2026-43355 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pm_runtime_put_autosuspend() before the error check to ensure…
CVE-2026-43354 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in set_samp_freq Avoid division by zero when sampling frequency is…
CVE-2026-43353 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue The HCI DMA dequeue path (hci_dma_dequeue_xfer()) may be invoked for…
CVE-2026-43352 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue The logic used to abort the DMA ring contains several…
CVE-2026-43351 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgic_allocate_private_irqs_locked() fails for any odd reason, we exit…
CVE-2026-43284 2026-05-08 HIGH 7.8 In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to…
CVE-2026-41906 2026-05-07 HIGH 7.1 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly hides out-of-scope customers through the…
CVE-2026-39826 2026-05-07 MEDIUM 6.1 If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template…
CVE-2026-39823 2026-05-07 MEDIUM 6.1 CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a tag's attribute. If the URL content were to insert ASCII whitespaces around the '='…
CVE-2026-39820 2026-05-07 HIGH 7.5 Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.
CVE-2026-33811 2026-05-07 HIGH 7.5 When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
CVE-2026-8142 2026-05-07 MEDIUM 6.5 VINCE versions 3.0.38 and earlier do not properly verify the From address authenticity due to encoding confusion and use the from address for automated actions such as Ticket…
CVE-2026-43350 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parse_dacl() treats an ACE SID matching…
CVE-2026-43349 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value…
CVE-2026-43348 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER When registering VTL0 memory via MSHV_ADD_VTL0_MEMORY, the kernel computes pgmap->vmemmap_shift as the number…
CVE-2026-43347 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: monaco: Reserve full Gunyah metadata region We observe spurious "Synchronous External Abort" exceptions (ESR=0x96000010) and…
CVE-2026-43346 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass…
CVE-2026-43345 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index…
CVE-2026-43344 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix die ID init and look up bugs In snbep_pci2phy_map_init(), in the nr_node_ids > 8 path, uncore_device_to_die()…
CVE-2026-43343 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_subset: Fix unbalanced refcnt in geth_free geth_alloc() increments the reference count, but geth_free() fails to decrement…
CVE-2026-43342 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_rndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they…
CVE-2026-43341 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6_fill_trace_data() stores the schema contribution to the trace length…
CVE-2026-43340 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev->spinlock between attachments to low-level drivers `struct comedi_device` is the main controlling structure for a COMEDI…
CVE-2026-43339 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UaF in addrconf_permanent_addr() The mentioned helper try to warn the user about an exceptional condition,…
CVE-2026-43338 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just…
CVE-2026-43337 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401_init_hw() dcn401_init_hw() assumes that update_bw_bounding_box() is valid when entering the update path.…
CVE-2026-43336 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: lib/crypto: chacha: Zeroize permuted_state before it leaves scope Since the ChaCha permutation is invertible, the local variable 'permuted_state'…
CVE-2026-43335 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes() The change to dynamic IDs for SM8450 platform interconnects…
CVE-2026-43334 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: force responder MITM requirements before building the pairing response smp_cmd_pairing_req() currently builds the pairing response from…
CVE-2026-43333 2026-05-08 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: bpf: reject direct access to nullable PTR_TO_BUF pointers check_mem_access() matches PTR_TO_BUF via base_type() which strips PTR_MAYBE_NULL, allowing direct…
« Anterior Página 221 de 4477 Siguiente »