Export limit exceeded: 357335 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357335 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-46183 | 1 Linux | 1 Linux Kernel | 2026-06-11 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect path kfree() with damon_sysfs_lock damon_sysfs_quot_goal->path can be read and written by users, via DAMON sysfs 'path' file. It can also be indirectly read, for the parameters {on,off}line committing to DAMON. The reads for parameters committing are protected by damon_sysfs_lock to avoid the sysfs files being destroyed while any of the parameters are being read. But the user-driven direct reads and writes are not protected by any lock, while the write is deallocating the path-pointing buffer. As a result, the readers could read the already freed buffer (user-after-free). Note that the user-reads don't race when the same open file is used by the writer, due to kernfs's open file locking. Nonetheless, doing the reads and writes with separate open files would be common. Fix it by protecting both the user-direct reads and writes with damon_sysfs_lock. | ||||
| CVE-2026-46182 | 1 Linux | 1 Linux Kernel | 2026-06-11 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct papr_hvpipe_hdr contains reserved padding bytes (reserved[3] and reserved2[40]), these could leak the uninitialized bytes to userspace after copy_to_user(). This patch fixes that by initializing the whole struct to 0. | ||||
| CVE-2026-46181 | 1 Linux | 1 Linux Kernel | 2026-06-11 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() Sashiko points out the radix_tree itself is RCU safe, but nothing ever frees the mlx4_srq struct with RCU, and it isn't even accessed within the RCU critical section. It also will crash if an event is delivered before the srq object is finished initializing. Use the spinlock since it isn't easy to make RCU work, use refcount_inc_not_zero() to protect against partially initialized objects, and order the refcount_set() to be after the srq is fully initialized. | ||||
| CVE-2026-46180 | 1 Linux | 1 Linux Kernel | 2026-06-11 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task Watchdog task might end between send_sig() and kthread_stop() calls, what results in the use-after-free issue. Fix this by increasing watchdog task reference count before calling send_sig() and dropping it by switching to kthread_stop_put(). | ||||
| CVE-2026-46179 | 1 Linux | 1 Linux Kernel | 2026-06-11 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the number of container bytes. These values default to 0 and are only configured as part of setting the stream parameters so this allows a divide by zero to be configured. Validate that they are non zero, returning an error if not | ||||
| CVE-2022-26758 | 1 Apple | 1 Macos Monterey | 2026-06-11 | 7.1 High |
| A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. | ||||
| CVE-2022-48575 | 1 Apple | 1 Macos Monterey | 2026-06-11 | 3.5 Low |
| A person with access to a Mac may be able to bypass Login Window. A consistency issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4. | ||||
| CVE-2026-46178 | 1 Linux | 1 Linux Kernel | 2026-06-11 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq() Sashiko points out that mlx4_srq_alloc() was not undone during error unwind, add the missing call to mlx4_srq_free(). | ||||
| CVE-2026-24197 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Nvs and 4 more | 2026-06-11 | 6.5 Medium |
| NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-24196 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Guest Driver and 4 more | 2026-06-11 | 7.1 High |
| NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure. | ||||
| CVE-2026-24195 | 1 Nvidia | 2 Gpu Display Driver, Guest Driver | 2026-06-11 | 7.1 High |
| NVIDIA Display Driver for Linux contains a vulnerability in UVM, where a user could cause improper input validation. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-24194 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Guest Driver and 4 more | 2026-06-11 | 7.8 High |
| NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2026-24193 | 1 Nvidia | 6 Geforce, Gpu Display Driver, Nvs and 3 more | 2026-06-11 | 7.8 High |
| NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2026-24192 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Nvs and 4 more | 2026-06-11 | 7.8 High |
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2026-24191 | 1 Nvidia | 8 Geforce, Gpu Display Driver, Guest Driver and 5 more | 2026-06-11 | 7.8 High |
| NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2026-24190 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Nvs and 4 more | 2026-06-11 | 7.8 High |
| NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2026-24187 | 1 Nvidia | 8 Geforce, Gpu Display Driver, Guest Driver and 5 more | 2026-06-11 | 8.8 High |
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2025-33221 | 1 Nvidia | 7 Geforce, Gpu Display Driver, Guest Driver and 4 more | 2026-06-11 | 4.4 Medium |
| NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service. | ||||
| CVE-2026-24182 | 1 Nvidia | 8 Geforce, Gpu Display Driver, Guest Driver and 5 more | 2026-06-11 | 6.5 Medium |
| NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-36784 | 1 Tenda | 1 O3 Wireless Router | 2026-06-11 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a HTTP request. | ||||