|
31
|
9.8 |
CRITICAL
Network
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
lib/scatterlist: fix length calculations in extract_kvec_to_sg
Patch series "Fix bugs in extract_iter_to_sg()", v3.
Fix bugs in …
Update
|
-
|
CVE-2026-46289
|
2026-06-14 15:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
32
|
8.4 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
of: unittest: fix use-after-free in of_unittest_changeset()
The variable 'parent' is assigned the value of 'nchangeset' earlier i…
Update
|
-
|
CVE-2026-46288
|
2026-06-14 15:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
33
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
lib: test_hmm: evict device pages on file close to avoid use-after-free
Patch series "Minor hmm_test fixes and cleanups".
Two bu…
Update
|
-
|
CVE-2026-46280
|
2026-06-14 15:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
34
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
mm/zone_device: do not touch device folio after calling ->folio_free()
The contents of a device folio can immediately change afte…
Update
|
-
|
CVE-2026-46277
|
2026-06-14 15:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
35
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths
Vulnerabilities leading to Use-After-Free (UAF) and Nul…
Update
|
-
|
CVE-2026-46275
|
2026-06-14 15:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
36
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
io-wq: check that the predecessor is hashed in io_wq_remove_pending()
io_wq_remove_pending() needs to fix up wq->hash_tail[] if t…
Update
|
-
|
CVE-2026-46274
|
2026-06-14 15:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
37
|
6.8 |
MEDIUM
Network
|
-
|
-
|
In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information (such as iSCSI credentia…
New
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2026-54421
|
2026-06-14 13:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
38
|
8.5 |
HIGH
Network
|
-
|
-
|
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running Clo…
New
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2026-54420
|
2026-06-14 13:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
39
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-12176
|
2026-06-14 09:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
40
|
6.5 |
MEDIUM
Network
|
gpac
|
gpac
|
A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-55659
|
2026-06-14 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
