Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2026-23152 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping (TTLM) elements do not contain any link mapping pr... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23151 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in set_ssp_complete Fix memory leak in set_ssp_complete() where mgmt_pending_cmd structures are n... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23166 In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crash... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23150 In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame(). syzbot reported various memory leaks related to NFC, struct nfc_llcp_sock, sk_... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21358 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnera... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21350 After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-71229 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() rtw_core_enable_beacon() reads 4 bytes from an address that is not a ... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21339 Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sen... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21338 Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23219 In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single When CONFIG_MEM_ALLOC_PROFILING_DEBUG is enabled, the follo... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21332 InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sen... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-71227 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear (to me) how exactly syzbot managed to hit this, but ... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23149 In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl() Since GEM bo handles are u32 in the uapi a... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23211 In the Linux kernel, the following vulnerability has been resolved: mm, swap: restore swap_space attr aviod kernel panic commit 8b47299a411a ("mm, swap: mark swap address space ro and add context de... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23147 In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix the folio leak on S390 hardware acceleration [BUG] After commit aa60fe12b4f4 ("btrfs: zlib: refactor S390x HW acc... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23146 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work hci_uart_set_proto() sets HCI_UART_PROTO_INIT before calling hci_ua... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23144 In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setu... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23143 In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix misalignment bug in struct virtnet_info Use the new TRAILING_OVERLAP() helper to fix a misalignment bug along with... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23142 In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure When a DAMOS-scheme DAMON sysfs directory setup ... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21317 Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive informati... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21316 Audition versions 25.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. An attacker could exploit this vulne... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21315 Audition versions 25.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21314 Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive informati... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21313 Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive informati... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21261 Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21336 Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerabili... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21258 Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23137 In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittest_data_add() In unittest_data_add(), if of_resolve_phandles() fails, the allocated unittes... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23135 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a DMA mapped buffer and stores the addresses in XXX_u... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23064 In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ife: avoid possible NULL deref tcf_ife_encode() must make sure ife_encode() does not return NULL. syzbot reported:... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23134 In the Linux kernel, the following vulnerability has been resolved: slab: fix kmalloc_nolock() context check for PREEMPT_RT On PREEMPT_RT kernels, local_lock becomes a sleeping lock. The current che... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23063 In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling `put_queue` carries risks since it cannot guarantee that r... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23133 In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dma_free_coherent() pointer dma_alloc_coherent() allocates a DMA mapped buffer and stores the addresses in XXX_u... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23132 In the Linux kernel, the following vulnerability has been resolved: drm/bridge: synopsys: dw-dp: fix error paths of dw_dp_bind Fix several issues in dw_dp_bind() error handling: 1. Missing return a... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-25122 apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.0, expandapk.Split drains the first gzip stream of an APK archive via io.Copy(io.... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23062 In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro The GET_INSTANCE_ID macro that caused a kernel panic when acce... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23213 In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporar... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-71202 In the Linux kernel, the following vulnerability has been resolved: iommu/sva: invalidate stale IOTLB entries for kernel address space Introduce a new IOMMU interface to flush IOTLB paging cache ent... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23131 In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with ... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21319 After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive inform... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23130 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit [1] converted the management transmission work item into a wip... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23129 In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers dpll_xa_ref_{dpll,pin}_add() to reject duplicate re... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23145 In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref The error branch for ext4_xattr_inode_update_ref forget to release the refco... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23061 In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23128 In the Linux kernel, the following vulnerability has been resolved: arm64: Set __nocfi on swsusp_arch_resume() A DABT is reported[1] on an android based system when resume from hiberate. This happen... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23127 In the Linux kernel, the following vulnerability has been resolved: perf: Fix refcount warning on event->mmap_count increment When calling refcount_inc(&event->mmap_count) inside perf_mmap_rb(), the... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23125 In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-A... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-21222 Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23140 In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Subtract size of xdp_frame from allowed metadata size The xdp_frame structure takes up part of the XDP frame headro... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-23123 In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initialize src_node and dst_node to empty strings The debugfs_create_str() API assumes that the string poin... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.