|
601
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete
This fixes the condition checking so mgmt_pending…
Update
|
CWE-416
Use After Free
|
CVE-2026-31511
|
2026-04-28 23:59 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
602
|
9.9 |
CRITICAL
Network
|
saltcorn
|
saltcorn
|
Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authen…
Update
|
CWE-89
SQL Injection
|
CVE-2026-41478
|
2026-04-28 23:58 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
603
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
team: fix header_ops type confusion with non-Ethernet ports
Similar to commit 950803f72547 ("bonding: fix type confusion in
bond_…
Update
|
CWE-843
Type Confusion
|
CVE-2026-31502
|
2026-04-28 23:47 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
604
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/efa: Fix use of completion ctx after free
On admin queue completion handling, if the admin command completed with
error we p…
Update
|
CWE-416
Use After Free
|
CVE-2026-31493
|
2026-04-28 23:45 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
605
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: macb: use the current queue number for stats
There's a potential mismatch between the memory reserved for statistics
and the…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2026-31494
|
2026-04-28 23:44 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
606
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ctnetlink: use netlink policy range checks
Replace manual range and mask validations with netlink policy
annotations i…
Update
|
NVD-CWE-noinfo
|
CVE-2026-31495
|
2026-04-28 23:44 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
607
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_conntrack_expect: skip expectations in other netns via proc
Skip expectations that do not reside in this netns.
Si…
Update
|
NVD-CWE-noinfo
|
CVE-2026-31496
|
2026-04-28 23:43 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
608
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btusb: clamp SCO altsetting table indices
btusb_work() maps the number of active SCO links to USB alternate
settings t…
Update
|
NVD-CWE-noinfo
|
CVE-2026-31497
|
2026-04-28 23:42 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
609
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop
l2cap_config_req() processes CONFIG_REQ for channels in BT_CONN…
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-31498
|
2026-04-28 23:41 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
610
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()
A malicious USB device claiming to be a CDC Phonet modem can over…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-31623
|
2026-04-28 23:17 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
