|
3251
|
8.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommupt: Fix short gather if the unmap goes into a large mapping
unmap has the odd behavior that it can unmap more than requested…
|
NVD-CWE-noinfo
|
CVE-2026-31735
|
2026-05-8 01:52 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3252
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sched_ext: Fix is_bpf_migration_disabled() false negative on non-PREEMPT_RCU
Since commit 8e4f0b1ebcf2 ("bpf: use rcu_read_lock_d…
|
NVD-CWE-noinfo
|
CVE-2026-31734
|
2026-05-8 01:50 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3253
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sched_ext: Fix stale direct dispatch state in ddsp_dsq_id
@p->scx.ddsp_dsq_id can be left set (non-SCX_DSQ_INVALID) triggering a
…
|
NVD-CWE-noinfo
|
CVE-2026-31733
|
2026-05-8 01:44 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3254
|
5.7 |
MEDIUM
Network
|
hcltech
|
bigfix_service_management
|
HHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. This could lead to unauthorized changes or exposure of sensitive data.
|
CWE-352
Origin Validation Error
|
CVE-2025-31957
|
2026-05-8 01:35 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3255
|
3.5 |
LOW
Network
|
hcltech
|
bigfix_service_management
|
HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentio…
|
CWE-1230
Exposure of Sensitive Information Through Metadata
|
CVE-2025-31959
|
2026-05-8 01:35 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3256
|
5.3 |
MEDIUM
Network
|
hcltech
|
bigfix_service_management
|
HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially a…
|
CWE-200
Information Exposure
|
CVE-2025-31975
|
2026-05-8 01:33 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3257
|
7.5 |
HIGH
Network
|
hcltech
|
bigfix_service_management
|
HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to…
|
CWE-200
CWE-522
Information Exposure
Insufficiently Protected Credentials
|
CVE-2025-31976
|
2026-05-8 01:30 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3258
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: uvc: fix NULL pointer dereference during unbind race
Commit b81ac4395bbe ("usb: gadget: uvc: allow for application t…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-31726
|
2026-05-8 01:26 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3259
|
4.6 |
MEDIUM
Network
|
hcltech
|
bigfix_service_management
|
HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. An attacker could populate data fields whic…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2025-31978
|
2026-05-8 01:26 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3260
|
5.4 |
MEDIUM
Network
|
hcltech
|
bigfix_service_management
|
HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, p…
|
CWE-200
Information Exposure
|
CVE-2025-31984
|
2026-05-8 01:25 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
