CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-23138 In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23104 In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b ("ice: read internal temperature sensor") introduced internal temperature s... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23070 In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in s... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-21991 A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23232 In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fs_enable_checkpoint()" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a.... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-20993 Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-21000 Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-21001 Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-21002 Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-29122 International Data Casting (IDC) SFX2100 satellite receiver comes with the `/bin/date` utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who ca... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23384 In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ionic_create_cq() struct ionic_cq_resp resp { __u32 cqid[2]; // offset 0 - PARTIA... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31617 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() The block_len read from the host-supplied NTB header is checked... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31616 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() A broken/bored/mean USB host can overflow the skb_shared_info-... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31615 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesas_usb3: validate endpoint index in standard request handlers The GET_STATUS and SET/CLEAR_FEATURE handlers extr... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31610 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks increment... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31596 In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2_group_extend [BUG] kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 [#1] SMP ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31595 In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup Disable the delayed work before clearing BAR mappings an... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23381 In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is nev... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23380 In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARN_ON in tracing_buffers_mmap_close When a process forks, the child process copies the parent's VMAs but the user_m... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23375 In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes file_thp_enabled() incorrectly allows THP for files on anonymous inodes (e.g. gues... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23442 In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU <... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23374 In the Linux kernel, the following vulnerability has been resolved: blktrace: fix __this_cpu_read/write in preemptible context tracing_record_cmdline() internally uses __this_cpu_read() and __this_c... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23330 In the Linux kernel, the following vulnerability has been resolved: nfc: nci: complete pending data exchange on device close In nci_close_device(), complete any pending data exchange before closing.... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31628 In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operation... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31621 In the Linux kernel, the following vulnerability has been resolved: bnge: return after auxiliary_device_uninit() in error path When auxiliary_device_add() fails, the error block calls auxiliary_devi... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-25180 Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31606 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_hid: don't call cdev_init while cdev in use When calling unbind, then bind again, cdev_init reinitialized the cdev,... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31592 In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock Take and hold kvm->lock for before checking sev_guest() in... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31593 In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU Reject synchronizing vCPU state to its associated VMS... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31579 In the Linux kernel, the following vulnerability has been resolved: wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit wg_netns_pre_exit() manually acquires rtnl_lock(... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23370 In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data set_new_password() hex dumps the entire buffer, which contai... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23368 In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDS_TRIGGER_NETDEV ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23369 In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. ... | 5.5 | MEDIUM | β | 0 |
| CVE-2018-25256 IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malici... | 5.5 | MEDIUM | β | 0 |
| CVE-2019-25657 AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the image conversion function. Attackers can ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-20670 An authorization issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-20668 A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, ... | 5.5 | MEDIUM | β | 0 |
| CVE-2025-55264 HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password cha... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-28852 A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionO... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23366 In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drm_client_modeset_probe may fail to kcalloc. If this occurs, we jump to 'out', ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-1653 A potential divide by zero vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to cause a Windows blue screen error. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23362 In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcm_op runtime updates Commit c2aba69d0c36 ("can: bcm: add locking for bcm_op runtime updates") added a ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23314 In the Linux kernel, the following vulnerability has been resolved: regulator: bq257xx: Fix device node reference leak in bq257xx_reg_dt_parse_gpio() In bq257xx_reg_dt_parse_gpio(), if fails to get ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23358 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23316 In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed `struct sysctl_fib_multipath_hash_seed` contains two u32 fields (user_... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-5679 A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_B20221024. The impacted element is the function vsetTr069Cfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argume... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-5683 A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-28452 OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the extractArchive function within src/infra/archive.ts that allows attackers to consume excessive CPU, memory, and di... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23352 In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efi_free_boot_services() frees memory occupied by EFI_BOOT_SERVICES_CODE and EFI_BO... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23338 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too sma... | 5.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.