Export limit exceeded: 361387 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361387 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5952 | 1 Gitlab | 1 Gitlab | 2026-06-25 | 4.3 Medium |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissions to bypass package protection rules and overwrite protected Maven package metadata due to incorrect authorization checks. | ||||
| CVE-2026-8330 | 1 Gitlab | 1 Gitlab | 2026-06-25 | 4.4 Medium |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed sensitive information to be written to application logs due to insufficient filtering in a CI/CD API endpoint. | ||||
| CVE-2026-11379 | 1 Gitlab | 1 Gitlab | 2026-06-25 | 5.3 Medium |
| GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 prior to 18.11.6, 19.0 prior to 19.0.3, and 19.1 prior to 19.1.1 in which incorrect authorization in DAST site profile management could allow a user with Developer role to exfiltrate DAST site profile secrets under certain conditions. | ||||
| CVE-2026-12053 | 1 Gitlab | 1 Gitlab | 2026-06-25 | 8.6 High |
| GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows. | ||||
| CVE-2026-12635 | 1 Gitlab | 1 Gitlab | 2026-06-25 | 0 Low |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through mirror synchronization due to improper URL validation. | ||||
| CVE-2025-26466 | 4 Canonical, Debian, Openbsd and 1 more | 6 Ubuntu Linux, Debian Linux, Openssh and 3 more | 2026-06-25 | 5.9 Medium |
| A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. | ||||
| CVE-2026-53116 | 1 Linux | 1 Linux Kernel | 2026-06-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: s390/ap: use generic driver_override infrastructure When the AP masks are updated via apmask_store() or aqmask_store(), ap_bus_revise_bindings() is called after ap_attr_mutex has been released. This calls __ap_revise_reserved(), which accesses the driver_override field without holding any lock, racing against a concurrent driver_override_store() that may free the old string, resulting in a potential UAF. Fix this by using the driver-core driver_override infrastructure, which protects all accesses with an internal spinlock. Note that unlike most other buses, the AP bus does not check driver_override in its match() callback; the override is checked in ap_device_probe() and __ap_revise_reserved() instead. Also note that we do not enable the driver_override feature of struct bus_type, as AP - in contrast to most other buses - passes "" to sysfs_emit() when the driver_override pointer is NULL. Thus, printing "\n" instead of "(null)\n". Additionally, AP has a custom counter that is modified in the corresponding custom driver_override_store(). | ||||
| CVE-2026-53123 | 1 Linux | 1 Linux Kernel | 2026-06-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: md: wake raid456 reshape waiters before suspend During raid456 reshape, direct IO across the reshape position can sleep in raid5_make_request() waiting for reshape progress while still holding an active_io reference. If userspace then freezes reshape and writes md/suspend_lo or md/suspend_hi, mddev_suspend() kills active_io and waits for all in-flight IO to drain. This can deadlock: the IO needs reshape progress to continue, but the reshape thread is already frozen, so the active_io reference is never dropped and suspend never completes. raid5_prepare_suspend() already wakes wait_for_reshape for dm-raid. Do the same for normal md suspend when reshape is already interrupted, so waiting raid456 IO can abort, drop its reference, and let suspend finish. The mdadm test tests/25raid456-reshape-deadlock reproduces the hang. | ||||
| CVE-2025-2784 | 2 Gnome, Redhat | 27 Libsoup, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 24 more | 2026-06-25 | 7 High |
| A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. | ||||
| CVE-2024-45783 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2026-06-25 | 4.4 Medium |
| A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access. | ||||
| CVE-2024-45782 | 2 Gnu, Redhat | 5 Grub2, Enterprise Linux, Openshift and 2 more | 2026-06-25 | 7.8 High |
| A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass. | ||||
| CVE-2024-45781 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2026-06-25 | 6.7 Medium |
| A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections. | ||||
| CVE-2024-45780 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2026-06-25 | 6.7 Medium |
| A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections. | ||||
| CVE-2024-45779 | 2 Gnu, Redhat | 4 Grub2, Enterprise Linux, Openshift and 1 more | 2026-06-25 | 6 Medium |
| An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash. | ||||
| CVE-2024-45778 | 2 Gnu, Redhat | 5 Grub2, Enterprise Linux, Openshift and 2 more | 2026-06-25 | 4.1 Medium |
| A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash. | ||||
| CVE-2024-45777 | 2 Gnu, Redhat | 4 Grub2, Enterprise Linux, Openshift and 1 more | 2026-06-25 | 6.7 Medium |
| A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections. | ||||
| CVE-2024-45776 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2026-06-25 | 6.7 Medium |
| When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections. | ||||
| CVE-2024-45774 | 1 Redhat | 3 Enterprise Linux, Openshift, Rhivos | 2026-06-25 | 6.7 Medium |
| A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded. | ||||
| CVE-2024-12747 | 1 Redhat | 4 Discovery, Enterprise Linux, Openshift and 1 more | 2026-06-25 | 5.6 Medium |
| A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation. | ||||
| CVE-2024-12088 | 8 Almalinux, Archlinux, Gentoo and 5 more | 22 Almalinux, Arch Linux, Linux and 19 more | 2026-06-25 | 6.5 Medium |
| A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | ||||