|
661
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: tcm_loop: Drain commands in target_reset handler
tcm_loop_target_reset() violates the SCSI EH contract: it returns …
Update
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2026-43054
|
2026-05-8 03:28 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
662
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xfs: close crash window in attr dabtree inactivation
When inactivating an inode with node-format extended attributes,
xfs_attr3_n…
Update
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-43053
|
2026-05-8 03:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
663
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
atm: lec: fix use-after-free in sock_def_readable()
A race condition exists between lec_atm_close() setting priv->lecd
to NULL an…
Update
|
CWE-416
Use After Free
|
CVE-2026-43050
|
2026-05-8 03:21 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
664
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: check tdls flag in ieee80211_tdls_oper
When NL80211_TDLS_ENABLE_LINK is called, the code only checks if the
stati…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43052
|
2026-05-8 03:19 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
665
|
8.1 |
HIGH
Adjacent
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq
The wacom_intuos_bt_irq() function processes Bluetooth HID reports
with…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43051
|
2026-05-8 03:00 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
666
|
9.8 |
CRITICAL
Network
|
paloaltonetworks
|
pan-os
|
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code w…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-0300
|
2026-05-8 02:46 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
667
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vt: discard stale unicode buffer on alt screen exit after resize
When enter_alt_screen() saves vc_uni_lines into vc_saved_uni_lin…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-31742
|
2026-05-8 02:42 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
668
|
9.1 |
CRITICAL
Network
|
torproject
|
tor
|
Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.
New
|
CWE-684
Incorrect Provision of Specified Functionality
|
CVE-2026-44597
|
2026-05-8 02:34 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
669
|
5.3 |
MEDIUM
Network
|
torproject
|
tor
|
Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008.
New
|
CWE-669
Incorrect Resource Transfer Between Spheres
|
CVE-2026-44599
|
2026-05-8 02:31 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
670
|
5.3 |
MEDIUM
Network
|
torproject
|
tor
|
Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010.
New
|
CWE-696
Incorrect Behavior Order
|
CVE-2026-44600
|
2026-05-8 02:26 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
