|
3221
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: KVM: Fix base address calculation in kvm_eiointc_regs_access()
In function kvm_eiointc_regs_access(), the register bas…
|
NVD-CWE-noinfo
|
CVE-2026-31564
|
2026-04-28 05:31 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3222
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix leak of rxgk context in rxgk_verify_response()
Fix rxgk_verify_response() to clean up the rxgk context it creates.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-31632
|
2026-04-28 05:30 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3223
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register
The call to mipi_dsi_host_register triggers a callbac…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-31562
|
2026-04-28 05:30 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3224
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: fix reference count leak in rxrpc_server_keyring()
This patch fixes a reference count leak in rxrpc_server_keyring()
by ch…
|
NVD-CWE-Other
|
CVE-2026-31634
|
2026-04-28 05:30 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3225
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask
Commit in Fixes added the FRED CR4 bit to the CR4 pinned bits mask so
…
|
NVD-CWE-noinfo
|
CVE-2026-31561
|
2026-04-28 05:30 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3226
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-dw-dma: fix print error log when wait finish transaction
If an error occurs, the device may not have a current message. …
|
NVD-CWE-noinfo
|
CVE-2026-31560
|
2026-04-28 05:30 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3227
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: verisilicon: Fix kernel panic due to __initconst misuse
Fix a kernel panic when probing the driver as a module:
Unable …
|
NVD-CWE-noinfo
|
CVE-2026-31573
|
2026-04-28 05:29 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3228
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulat…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7152
|
2026-04-28 05:21 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3229
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. …
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7153
|
2026-04-28 05:21 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3230
|
8.8 |
HIGH
Network
|
-
|
-
|
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 5.4.1. This is due to a missing authoriz…
|
CWE-269
Improper Privilege Management
|
CVE-2026-6741
|
2026-04-28 05:21 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
