|
601
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
hfsplus: pretend special inodes as regular files
Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()")
requires an…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43268
|
2026-05-9 06:02 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
602
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
EFI/CPER: don't go past the ARM processor CPER record buffer
There's a logic inside GHES/CPER to detect if the section_length
is …
Update
|
NVD-CWE-noinfo
|
CVE-2026-43266
|
2026-05-9 05:46 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
603
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gfs2: fiemap page fault fix
In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode
glock. This can lead to recu…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-43262
|
2026-05-9 05:41 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
604
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
arm64: Add support for TSV110 Spectre-BHB mitigation
The TSV110 processor is vulnerable to the Spectre-BHB (Branch History
Buffer…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43261
|
2026-05-9 05:37 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
605
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()
Ignore -EBUSY when checking nested events after exiting a b…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43265
|
2026-05-9 05:33 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
606
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fbdev: of: display_timing: fix refcount leak in of_get_display_timings()
of_parse_phandle() returns a device_node with refcount i…
Update
|
NVD-CWE-Other
|
CVE-2026-43264
|
2026-05-9 05:33 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
607
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix RSS context delete logic
We need to free the corresponding RSS context VNIC
in FW everytime an RSS context is delete…
Update
|
CWE-415
Double Free
|
CVE-2026-43260
|
2026-05-9 05:31 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
608
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
phy: fsl-imx8mq-usb: set platform driver data
Add missing platform_set_drvdata() as the data will be used in remove().
Update
|
NVD-CWE-noinfo
|
CVE-2026-43259
|
2026-05-9 05:31 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
609
|
8.1 |
HIGH
Network
|
google
|
chrome
|
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium security…
Update
|
NVD-CWE-noinfo
CWE-693
Protection Mechanism Failure
|
CVE-2026-8018
|
2026-05-9 05:16 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
610
|
4.2 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted H…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-7989
|
2026-05-9 05:16 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
