|
2251
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: caiaq: fix stack out-of-bounds read in init_card
The loop creates a whitespace-stripped copy of the card shortname
where `l…
|
-
|
CVE-2026-31778
|
2026-05-2 00:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2252
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
spi: stm32-ospi: Fix resource leak in remove() callback
The remove() callback returned early if pm_runtime_resume_and_get()
faile…
|
-
|
CVE-2026-43004
|
2026-05-2 00:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2253
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (tps53679) Fix array access with zero-length block read
i2c_smbus_read_block_data() can return 0, indicating a zero-length…
|
-
|
CVE-2026-43005
|
2026-05-2 00:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2254
|
6.5 |
MEDIUM
Network
|
wazuh
|
wazuh
|
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based out-of-bounds WRITE vulnerabilities exis…
|
CWE-124
CWE-191
Buffer Underflow
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-41499
|
2026-05-1 22:01 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2255
|
9.8 |
CRITICAL
Network
|
arc53
|
docsgpt
|
DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a …
|
CWE-77
Command Injection
|
CVE-2026-26015
|
2026-05-1 21:56 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2256
|
7.5 |
HIGH
Network
|
postgresql
|
postgresql_jdbc_driver
|
pgjdbc is an open source postgresql JDBC Driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of service during SCRAM-SHA-256 authentication. A maliciou…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42198
|
2026-05-1 21:51 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2257
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers.
The bug may be exploitable by…
|
CWE-783
Operator Precedence Logic Error
|
CVE-2026-7270
|
2026-05-1 21:47 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2258
|
7.5 |
HIGH
Network
|
freebsd
|
freebsd
|
Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic.
Remote attackers can craft packets which cause affec…
|
CWE-674
CWE-791
Uncontrolled Recursion
Incomplete Filtering of Special Elements
|
CVE-2026-7164
|
2026-05-1 21:46 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2259
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
When exchanging data over a socket, libnv uses select(2) to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select(2)'s file descriptor set size l…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-39457
|
2026-05-1 21:41 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2260
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-7320
|
2026-05-1 21:32 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
