Log inCVE-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization
1 Mei 2026 om 10:39
Information published.
Normale weergave
Ontvangen β 1 Mei 2026
β
Microsoft Security
-
Microsoft Security
- CVE-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization
-
- CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup
CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup
1 Mei 2026 om 10:39
Information published.
-
- CVE-2026-31478 ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()
CVE-2026-31478 ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()
1 Mei 2026 om 10:39
Information published.
CVE-2026-0964 Libssh: improper sanitation of paths received from scp servers
1 Mei 2026 om 10:39
Information published.
CVE-2026-0966 Libssh: buffer underflow in ssh_get_hexa() on invalid input
1 Mei 2026 om 10:39
Information published.
-
- CVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processing
CVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processing
1 Mei 2026 om 10:38
Information published.
-
- CVE-2026-0965 Libssh: libssh: denial of service via improper configuration file handling
CVE-2026-0965 Libssh: libssh: denial of service via improper configuration file handling
1 Mei 2026 om 10:38
Information published.
-
- CVE-2026-25645 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function
CVE-2026-25645 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function
1 Mei 2026 om 10:38
Information published.
-
- CVE-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds
CVE-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds
1 Mei 2026 om 10:38
Information published.
-
- CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs
1 Mei 2026 om 10:04
Information published.
-
- CVE-2026-6357 pip self-update functionality can import newly installed modules after wheel installation
CVE-2026-6357 pip self-update functionality can import newly installed modules after wheel installation
1 Mei 2026 om 10:04
Information published.
CVE-2026-41605 Apache Thrift: Swift Compact Protocol integer overflow
1 Mei 2026 om 10:04
Information published.
CVE-2026-41607 Apache Thrift: C++ JSON OOB read
1 Mei 2026 om 10:04
Information published.
-
- CVE-2025-48431 Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.
CVE-2025-48431 Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.
1 Mei 2026 om 10:04
Information published.
CVE-2026-41636 Apache Thrift: Node.js skip() recursion
1 Mei 2026 om 10:04
Information published.
CVE-2026-41604 Apache Thrift: Swift Range crash in skip()
1 Mei 2026 om 10:04
Information published.
CVE-2026-41606 Apache Thrift: c_glib dispatch stack overflow
1 Mei 2026 om 10:03
Information published.
CVE-2026-40356
1 Mei 2026 om 10:03
Information published.
CVE-2026-40355
1 Mei 2026 om 10:03
Information published.
CVE-2026-41526
1 Mei 2026 om 10:03
Information published.
CVE-2026-41602 Apache Thrift: Go TFramedTransport uint32 overflow
1 Mei 2026 om 10:03
Information published.
CVE-2026-41080
1 Mei 2026 om 10:03
Information published.
CVE-2026-31692 rtnetlink: add missing netlink_ns_capable() check for peer netns
1 Mei 2026 om 10:02
Information published.
CVE-2026-31612 ksmbd: validate EaNameLength in smb2_get_ea()
1 Mei 2026 om 10:02
Information published.
CVE-2026-31611 ksmbd: require 3 sub-authorities before reading sub_auth[2]
1 Mei 2026 om 10:02
Information published.
-
- CVE-2026-31610 ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc
CVE-2026-31610 ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc
1 Mei 2026 om 10:02
Information published.
-
- CVE-2026-31609 smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()
CVE-2026-31609 smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()
1 Mei 2026 om 10:02
Information published.
-
- CVE-2026-31608 smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()
CVE-2026-31608 smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()
1 Mei 2026 om 10:02
Information published.
CVE-2026-31606 usb: gadget: f_hid: don't call cdev_init while cdev in use
1 Mei 2026 om 10:02
Information published.
CVE-2026-31605 fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO
1 Mei 2026 om 10:02
Information published.
