Log inCVE-2026-21246 Windows Graphics Component Elevation of Privilege Vulnerability
29 April 2026 om 16:00
Acknowledgement added. This is an informational change only.
Normale weergave
Ontvangen β 29 April 2026
β
Microsoft Security
-
Microsoft Security
- CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
29 April 2026 om 10:43
Information published.
-
- CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation
CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation
29 April 2026 om 10:43
Information published.
-
- CVE-2026-2443 Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure
CVE-2026-2443 Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure
29 April 2026 om 10:42
Information published.
-
- CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
29 April 2026 om 10:11
Information published.
-
- CVE-2026-24051 OpenTelemetry-Go Affected by Arbitrary Code Execution via PATH Hijacking
CVE-2026-24051 OpenTelemetry-Go Affected by Arbitrary Code Execution via PATH Hijacking
29 April 2026 om 10:11
Information published.
CVE-2022-2068 The c_rehash script allows command injection
29 April 2026 om 10:08
Information published.
-
- CVE-2026-34591 Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write
CVE-2026-34591 Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write
29 April 2026 om 10:47
Information published.
CVE-2026-23388 Squashfs: check metadata block offset is within range
29 April 2026 om 10:47
Information published.
-
- CVE-2026-31619 ALSA: fireworks: bound device-supplied status before string array lookup
CVE-2026-31619 ALSA: fireworks: bound device-supplied status before string array lookup
29 April 2026 om 10:47
Information published.
-
- CVE-2026-31658 net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit()
CVE-2026-31658 net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit()
29 April 2026 om 10:47
Information published.
-
- CVE-2026-31592 KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock
CVE-2026-31592 KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock
29 April 2026 om 10:47
Information published.
CVE-2026-31597 ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY
29 April 2026 om 10:47
Information published.
-
- CVE-2026-31578 media: as102: fix to not free memory after the device is registered in as102_usb_probe()
CVE-2026-31578 media: as102: fix to not free memory after the device is registered in as102_usb_probe()
29 April 2026 om 10:46
Information published.
CVE-2026-31586 mm: blk-cgroup: fix use-after-free in cgwb_release_workfn()
29 April 2026 om 10:46
Information published.
-
- CVE-2026-31576 media: hackrf: fix to not free memory after the device is registered in hackrf_probe()
CVE-2026-31576 media: hackrf: fix to not free memory after the device is registered in hackrf_probe()
29 April 2026 om 10:46
Information published.
-
- CVE-2026-31588 KVM: x86: Use scratch field in MMIO fragment to hold small write values
CVE-2026-31588 KVM: x86: Use scratch field in MMIO fragment to hold small write values
29 April 2026 om 10:46
Information published.
CVE-2026-31649 net: stmmac: fix integer underflow in chain mode
29 April 2026 om 10:46
Information published.
CVE-2026-31582 hwmon: (powerz) Fix use-after-free on USB disconnect
29 April 2026 om 10:46
Information published.
CVE-2026-31669 mptcp: fix slab-use-after-free in __inet_lookup_established
29 April 2026 om 10:45
Information published.
CVE-2026-31628 x86/CPU: Fix FPDSS on Zen1
29 April 2026 om 10:45
Information published.
CVE-2026-31630 rxrpc: proc: size address buffers for %pISpc output
29 April 2026 om 10:45
Information published.
CVE-2026-31629 nfc: llcp: add missing return after LLCP_CLOSED checks
29 April 2026 om 10:45
Information published.
-
- CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero
CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero
29 April 2026 om 10:45
Information published.
CVE-2026-31657 batman-adv: hold claim backbone gateways by reference
29 April 2026 om 10:45
Information published.
-
- CVE-2026-31616 usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete()
CVE-2026-31616 usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete()
29 April 2026 om 10:45
Information published.
-
- CVE-2026-33056 tar-rs: unpack_in can chmod arbitrary directories by following symlinks
CVE-2026-33056 tar-rs: unpack_in can chmod arbitrary directories by following symlinks
29 April 2026 om 10:45
Information published.
CVE-2026-31662 tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG
29 April 2026 om 10:45
Information published.
-
- CVE-2026-31587 ASoC: qcom: q6apm: move component registration to unmanaged version
CVE-2026-31587 ASoC: qcom: q6apm: move component registration to unmanaged version
29 April 2026 om 10:44
Information published.
