|
1611
|
- |
|
-
|
-
|
Masa CMS is affected by an Open Redirect vulnerability due to improper handling of scheme-relative URLs. The application incorrectly interprets paths beginning with double slashes (//) as internal pa…
|
CWE-601
Open Redirect
|
CVE-2026-40332
|
2026-05-7 06:22 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1612
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fuse: abort on fatal signal during sync init
When sync init is used and the server exits for some reason (error, crash)
while pro…
|
NVD-CWE-noinfo
|
CVE-2026-31713
|
2026-05-7 06:13 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1613
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid memory leak in f2fs_rename()
syzbot reported a f2fs bug as below:
BUG: memory leak
unreferenced object 0xffff…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-31714
|
2026-05-7 06:12 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1614
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: validate rec->used in journal-replay file record check
check_file_record() validates rec->total against the record size…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-31716
|
2026-05-7 06:10 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1615
|
8.8 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate owner of durable handle on reconnect
Currently, ksmbd does not verify if the user attempting to reconnect
to a du…
|
NVD-CWE-noinfo
|
CVE-2026-31717
|
2026-05-7 06:08 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1616
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger
When a durable file handle survives session disconnect (TCP…
|
CWE-416
Use After Free
|
CVE-2026-31718
|
2026-05-7 06:07 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1617
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: krb5enc - fix async decrypt skipping hash verification
krb5enc_dispatch_decrypt() sets req->base.complete as the skcipher…
|
NVD-CWE-noinfo
|
CVE-2026-31719
|
2026-05-7 05:59 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1618
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: f_uac1_legacy: validate control request size
f_audio_complete() copies req->length bytes into a 4-byte stack
variabl…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-31720
|
2026-05-7 05:58 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1619
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: f_hid: move list and spinlock inits from bind to alloc
There was an issue when you did the following:
- setup and bi…
|
NVD-CWE-noinfo
|
CVE-2026-31721
|
2026-05-7 05:56 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1620
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: f_rndis: Fix net_device lifecycle with device_move
The net_device is allocated during function instance creation and…
|
NVD-CWE-noinfo
|
CVE-2026-31722
|
2026-05-7 05:55 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
