|
2001
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: airoha: Fix memory leak in airoha_qdma_rx_process()
If an error occurs on the subsequents buffers belonging to the
non-linea…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-43102
|
2026-05-12 02:34 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2002
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: lapbether: handle NETDEV_PRE_TYPE_CHANGE
lapbeth_data_transmit() expects the underlying device type
to be ARPHRD_ETHER.
Ret…
|
NVD-CWE-noinfo
|
CVE-2026-43103
|
2026-05-12 02:33 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2003
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vc4: Fix a memory leak in hang state error path
When vc4_save_hang_state() encounters an early return condition, it
returns w…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-43104
|
2026-05-12 02:32 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2004
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vc4: Fix memory leak of BO array in hang state
The hang state's BO array is allocated separately with kzalloc() in
vc4_save_h…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-43105
|
2026-05-12 02:32 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2005
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cachefiles: fix incorrect dentry refcount in cachefiles_cull()
The patch mentioned below changed cachefiles_bury_object() to expe…
|
NVD-CWE-Other
|
CVE-2026-43106
|
2026-05-12 02:31 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2006
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xfrm: account XFRMA_IF_ID in aevent size calculation
xfrm_get_ae() allocates the reply skb with xfrm_aevent_msgsize(), then
build…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2026-43107
|
2026-05-12 02:30 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2007
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
soc: qcom: pd-mapper: Fix element length in servreg_loc_pfr_req_ei
It looks element length declared in servreg_loc_pfr_req_ei for…
|
NVD-CWE-noinfo
|
CVE-2026-43108
|
2026-05-12 02:27 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2008
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86: shadow stacks: proper error handling for mmap lock
김영민 reports that shstk_pop_sigframe() doesn't check for errors from
mmap_…
|
NVD-CWE-noinfo
|
CVE-2026-43109
|
2026-05-12 02:25 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2009
|
4.3 |
MEDIUM
Network
|
weblate
|
weblate
|
Weblate is a web based localization tool. Prior to version 5.17.1, the screenshots, tasks, and component link API allowed for the enumeration of translations in a project inaccessible to the user. Th…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2026-44263
|
2026-05-12 02:24 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2010
|
7.5 |
HIGH
Network
|
prometheus
|
prometheus
|
Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a…
|
CWE-400
CWE-789
Uncontrolled Resource Consumption
Memory Allocation with Excessive Size Value
|
CVE-2026-42154
|
2026-05-12 02:22 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
