Total
29891 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50012 | 1 Linux | 1 Linux Kernel | 2026-06-01 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: cpufreq: Avoid a bad reference count on CPU node In the parse_perf_domain function, if the call to of_parse_phandle_with_args returns an error, then the reference to the CPU device node that was acquired at the start of the function would not be properly decremented. Address this by declaring the variable with the __free(device_node) cleanup attribute. | |||||
| CVE-2022-49183 | 1 Linux | 1 Linux Kernel | 2026-06-01 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcf_ct_skb_nfct_cached() returns false and tcf_ct_flow_table_lookup() may simply overwrite it. The fix is to, as the ct entry is not reusable, free it already at tcf_ct_skb_nfct_cached(). | |||||
| CVE-2024-12136 | 1 Elfatek | 2 Anka Jpd00028, Anka Jpd00028 Firmware | 2026-06-01 | N/A | 6.9 MEDIUM |
| Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Authentication Bypass. This issue affects ANKA JPD-00028: before V.01.01. | |||||
| CVE-2016-3115 | 2 Openbsd, Oracle | 2 Openssh, Vm Server | 2026-05-29 | 5.5 MEDIUM | 6.4 MEDIUM |
| Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions. | |||||
| CVE-2010-5107 | 1 Openbsd | 1 Openssh | 2026-05-29 | 5.0 MEDIUM | 7.5 HIGH |
| The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections. | |||||
| CVE-2016-20012 | 2 Netapp, Openbsd | 5 Clustered Data Ontap, Hci Management Node, Ontap Select Deploy Administration Utility and 2 more | 2026-05-29 | 4.3 MEDIUM | 5.3 MEDIUM |
| OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product | |||||
| CVE-2026-23291 | 1 Linux | 1 Linux Kernel | 2026-05-29 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up by properly dropping the reference after we are done with it. | |||||
| CVE-2014-0759 | 1 Schneider-electric | 1 Floating License Manager | 2026-05-28 | 6.9 MEDIUM | 5.9 MEDIUM |
| Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character. | |||||
| CVE-1999-0632 | 2026-05-28 | N/A | 7.3 HIGH | ||
| The RPC portmapper service is running. | |||||
| CVE-1999-0517 | 2 Hp, Sun | 2 Hp-ux, Sunos | 2026-05-28 | 7.5 HIGH | 5.9 MEDIUM |
| An SNMP community name is the default (e.g. public), null, or missing. | |||||
| CVE-1999-0511 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-05-28 | 7.5 HIGH | 9.1 CRITICAL |
| IP forwarding is enabled on a machine which is not a router or firewall. | |||||
| CVE-2026-23296 | 1 Linux | 1 Linux Kernel | 2026-05-26 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix refcount leak for tagset_refcnt This leak will cause a hang when tearing down the SCSI host. For example, iscsid hangs with the following call trace: [130120.652718] scsi_alloc_sdev: Allocation failure during SCSI scanning, some SCSI devices might not be configured PID: 2528 TASK: ffff9d0408974e00 CPU: 3 COMMAND: "iscsid" #0 [ffffb5b9c134b9e0] __schedule at ffffffff860657d4 #1 [ffffb5b9c134ba28] schedule at ffffffff86065c6f #2 [ffffb5b9c134ba40] schedule_timeout at ffffffff86069fb0 #3 [ffffb5b9c134bab0] __wait_for_common at ffffffff8606674f #4 [ffffb5b9c134bb10] scsi_remove_host at ffffffff85bfe84b #5 [ffffb5b9c134bb30] iscsi_sw_tcp_session_destroy at ffffffffc03031c4 [iscsi_tcp] #6 [ffffb5b9c134bb48] iscsi_if_recv_msg at ffffffffc0292692 [scsi_transport_iscsi] #7 [ffffb5b9c134bb98] iscsi_if_rx at ffffffffc02929c2 [scsi_transport_iscsi] #8 [ffffb5b9c134bbf0] netlink_unicast at ffffffff85e551d6 #9 [ffffb5b9c134bc38] netlink_sendmsg at ffffffff85e554ef | |||||
| CVE-2026-23313 | 1 Linux | 1 Linux Kernel | 2026-05-26 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: i40e: Fix preempt count leak in napi poll tracepoint Using get_cpu() in the tracepoint assignment causes an obvious preempt count leak because nothing invokes put_cpu() to undo it: softirq: huh, entered softirq 3 NET_RX with preempt_count 00000100, exited with 00000101? This clearly has seen a lot of testing in the last 3+ years... Use smp_processor_id() instead. | |||||
| CVE-2026-31391 | 1 Linux | 1 Linux Kernel | 2026-05-26 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads. | |||||
| CVE-2013-1609 | 1 Symantec | 1 Enterprise Vault For File System Archiving | 2026-05-22 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program. | |||||
| CVE-2005-1794 | 1 Microsoft | 2 Remote Desktop Connection, Windows Terminal Services Using Rdp | 2026-05-22 | 6.4 MEDIUM | 7.4 HIGH |
| Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks. | |||||
| CVE-2023-3374 | 1 Bookreen | 1 Bookreen | 2026-05-22 | N/A | 9.8 CRITICAL |
| Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation. This issue affects Bookreen: before 3.0.0. | |||||
| CVE-2026-23283 | 1 Linux | 1 Linux Kernel | 2026-05-22 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read() In fp9931_hwmon_read(), if regmap_read() failed, the function returned the error code without calling pm_runtime_put_autosuspend(), causing a PM reference leak. | |||||
| CVE-2026-43399 | 1 Linux | 1 Linux Kernel | 2026-05-21 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too small. (cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd27) | |||||
| CVE-2023-5570 | 1 Inohom | 1 Home Manager Gateway | 2026-05-21 | N/A | 7.5 HIGH |
| Improper Protection for Outbound Error Messages and Alert Signals vulnerability in Inohom Home Manager Gateway allows Account Footprinting. This issue affects Home Manager Gateway: before v.1.27.12. | |||||