|
1301
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-fsl-lpspi: fix teardown order issue (UAF)
There is a teardown order issue in the driver. The SPI controller is
registere…
|
CWE-416
Use After Free
|
CVE-2026-31485
|
2026-04-28 22:12 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1302
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (pmbus/core) Protect regulator operations with mutex
The regulator operations pmbus_regulator_get_voltage(),
pmbus_regulat…
|
CWE-667
Improper Locking
|
CVE-2026-31486
|
2026-04-28 22:06 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1303
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: use generic driver_override infrastructure
When a driver is probed through __driver_attach(), the bus' match()
callback is c…
|
CWE-667
Improper Locking
|
CVE-2026-31487
|
2026-04-28 22:05 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1304
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Do not skip unrelated mode changes in DSC validation
Starting with commit 17ce8a6907f7 ("drm/amd/display: Add ds…
|
CWE-416
Use After Free
|
CVE-2026-31488
|
2026-04-28 21:58 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1305
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: meson-spicc: Fix double-put in remove path
meson_spicc_probe() registers the controller with
devm_spi_register_controller(),…
|
CWE-415
Double Free
|
CVE-2026-31489
|
2026-04-28 21:57 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1306
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/pf: Fix use-after-free in migration restore
When an error is returned from xe_sriov_pf_migration_restore_produce(),
the da…
|
CWE-416
Use After Free
|
CVE-2026-31490
|
2026-04-28 21:52 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1307
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/irdma: Harden depth calculation functions
An issue was exposed where OS can pass in U32_MAX for SQ/RQ/SRQ size.
This can cau…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-31491
|
2026-04-28 21:51 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1308
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/irdma: Initialize free_qp completion before using it
In irdma_create_qp, if ib_copy_to_udata fails, it will call
irdma_destr…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-31492
|
2026-04-28 21:46 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1309
|
9.6 |
CRITICAL
Network
|
microsoft
|
partner_center
|
Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
|
CWE-284
Improper Access Control
|
CVE-2026-24303
|
2026-04-28 21:11 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1310
|
10.0 |
CRITICAL
Network
|
microsoft
|
entra_id
|
Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-35431
|
2026-04-28 21:10 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
