|
341
|
8.8 |
HIGH
Network
|
struktur
|
libheif
|
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile compositing, allowing an attacker to write …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-32740
|
2026-05-21 23:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
342
|
9.1 |
CRITICAL
Network
|
eclipse
|
glassfish
|
An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of …
|
CWE-94
CWE-917
Code Injection
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-2586
|
2026-05-21 22:18 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343
|
9.6 |
CRITICAL
Network
|
eclipse
|
glassfish
|
A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and eval…
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-2587
|
2026-05-21 22:18 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net/rds: handle zerocopy send cleanup before the message is queued
A zerocopy send can fail after user pages have been pinned but…
|
-
|
CVE-2026-43502
|
2026-05-21 22:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
ipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header…
|
-
|
CVE-2026-43501
|
2026-05-21 22:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
rtmutex: Use waiter::task instead of current in remove_waiter()
remove_waiter() is used by the slowlock paths, but it is also use…
|
-
|
CVE-2026-43499
|
2026-05-21 22:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
accel/ivpu: Disallow re-exporting imported GEM objects
Prevent re-exporting of imported GEM buffers by adding a custom
prime_hand…
|
-
|
CVE-2026-43498
|
2026-05-21 22:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
fbdev: udlfb: add vm_ops to dlfb_ops_mmap to prevent use-after-free
dlfb_ops_mmap() uses remap_pfn_range() to map vmalloc framebu…
|
-
|
CVE-2026-43497
|
2026-05-21 22:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked
When red qdisc has children (eg qfq qdisc) who…
|
-
|
CVE-2026-43496
|
2026-05-21 22:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler
t7xx_port_enum_msg_handler() uses the m…
|
-
|
CVE-2026-43495
|
2026-05-21 22:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
