|
1431
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed
When retrieving the PDH cert, don't attempt to cop…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-31698
|
2026-05-7 04:06 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1432
|
8.1 |
HIGH
Network
|
-
|
-
|
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the pro…
|
CWE-416
Use After Free
|
CVE-2026-22165
|
2026-05-7 04:05 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1433
|
8.1 |
HIGH
Network
|
-
|
-
|
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the proce…
|
CWE-416
Use After Free
|
CVE-2026-22166
|
2026-05-7 04:05 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1434
|
7.8 |
HIGH
Local
|
-
|
-
|
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages.
Under certain circumstances this exploit could b…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-22167
|
2026-05-7 04:05 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1435
|
- |
|
-
|
-
|
A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-29200
|
2026-05-7 04:05 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1436
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed
When retrieving the PEK CSR, don't attempt to copy the …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-31699
|
2026-05-7 04:04 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1437
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()
In tpacket_snd(), when PACKET_VNET_HDR is enabled, vnet_hdr point…
|
CWE-362
Race Condition
|
CVE-2026-31700
|
2026-05-7 04:01 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1438
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device.
This vulnerability is…
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-20034
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1439
|
7.2 |
HIGH
Network
|
-
|
-
|
A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device.
This vulnerability is due to i…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-20035
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1440
|
7.7 |
HIGH
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely mana…
|
CWE-284
Improper Access Control
|
CVE-2026-20167
|
2026-05-7 03:59 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
