|
921
|
8.8 |
HIGH
Adjacent
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
HID: core: Mitigate potential OOB by removing bogus memset()
The memset() in hid_report_raw_event() has the good intention of
cle…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43048
|
2026-05-8 04:07 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
922
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure
Presently, if the force feedback initialisat…
|
CWE-416
Use After Free
|
CVE-2026-43049
|
2026-05-8 04:05 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
923
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: mana: fix use-after-free in add_adev() error path
If auxiliary_device_add() fails, add_adev() jumps to add_fail and calls
au…
|
CWE-416
Use After Free
|
CVE-2026-43056
|
2026-05-8 04:02 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
924
|
8.8 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: tegra - Add missing CRYPTO_ALG_ASYNC
The tegra crypto driver failed to set the CRYPTO_ALG_ASYNC on its
asynchronous algor…
|
CWE-617
Reachable Assertion
|
CVE-2026-31739
|
2026-05-8 04:00 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
925
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: file: Use kzalloc_flex for aio_cmd
The target_core_file doesn't initialize the aio_cmd->iocb for the
ki_write_strea…
|
NVD-CWE-noinfo
|
CVE-2026-43055
|
2026-05-8 03:58 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
926
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vxlan: validate ND option lengths in vxlan_na_create
vxlan_na_create() walks ND options according to option-provided
lengths. A m…
|
NVD-CWE-noinfo
|
CVE-2026-31738
|
2026-05-8 03:58 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
927
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ftgmac100: fix ring allocation unwind on open failure
ftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and
…
|
NVD-CWE-noinfo
|
CVE-2026-31737
|
2026-05-8 03:55 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
928
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in router-for-me CLIProxyAPI 6.9.29. Affected by this issue is some unknown functionality of the file internal/api/handlers/management/api_tools.go of the component API…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-8081
|
2026-05-8 03:51 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
929
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controller…
|
CWE-284
Improper Access Control
|
CVE-2026-37709
|
2026-05-8 03:50 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
930
|
7.5 |
HIGH
Network
|
-
|
-
|
Regex Denial of Service in youtube-regex npm package through version 1.0.5.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2025-65122
|
2026-05-8 03:50 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
