|
871
|
5.3 |
MEDIUM
Network
|
-
|
-
|
ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using what might be an att…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-42241
|
2026-05-8 05:37 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
872
|
- |
|
-
|
-
|
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid o…
|
CWE-295
Improper Certificate Validation
|
CVE-2026-42225
|
2026-05-8 05:36 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
873
|
8.1 |
HIGH
Network
|
-
|
-
|
Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.…
|
CWE-1004
Sensitive Cookie Without 'HttpOnly' Flag
|
CVE-2026-42239
|
2026-05-8 05:35 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
874
|
7.6 |
HIGH
Network
|
-
|
-
|
manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. F…
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-43510
|
2026-05-8 05:32 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
875
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: sockmap: Fix use-after-free of sk->sk_socket in sk_psock_verdict_data_ready().
syzbot reported use-after-free of AF_UNIX soc…
|
CWE-416
Use After Free
|
CVE-2026-43016
|
2026-05-8 05:31 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
876
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: macb: fix clk handling on PCI glue driver removal
platform_device_unregister() may still want to use the registered clks
dur…
|
CWE-416
Use After Free
|
CVE-2026-43015
|
2026-05-8 05:31 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
877
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: macb: properly unregister fixed rate clocks
The additional resources allocated with clk_register_fixed_rate() need
to be rel…
|
NVD-CWE-noinfo
|
CVE-2026-43014
|
2026-05-8 05:29 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
878
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: lag: Check for LAG device before creating debugfs
__mlx5_lag_dev_add_mdev() may return 0 (success) even when an error
o…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-43013
|
2026-05-8 05:28 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
879
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix switchdev mode rollback in case of failure
If for some internal reason switchdev mode fails, we rollback to legacy
…
|
NVD-CWE-noinfo
|
CVE-2026-43012
|
2026-05-8 05:28 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
880
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/x25: Fix potential double free of skb
When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at
line 48 and retur…
|
CWE-415
Double Free
|
CVE-2026-43011
|
2026-05-8 05:26 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
