CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.16)

CVE-2026-23087
Medium

In the Linux kernel, a vulnerability in the Xen scsiback driver was found where memory allocated for the vscsiblk_info structure in scsiback_probe() is not freed in scsiback_remove() or in error paths of scsiback_probe(), leading to potential memory leaks.

CVE-2026-23086
Medium

In the Linux kernel, a vulnerability in the vsock/virtio driver allowed TX credit to be derived solely from the remote endpoint's peer_buf_alloc. A malicious guest or host could advertise a large buffer and read slowly, forcing the other side to allocate excessive sk_buff memory, leading to out-of-memory (OOM) conditions.

CVE-2026-23084
Medium

In the Linux kernel, a vulnerability was found in the be2net driver, involving a NULL pointer dereference in the be_cmd_get_mac_from_list function. The issue occurs when the function is called with pmac_id_valid set to false and pmac_id pointer set to NULL, leading to a write attempt at address NULL.

CVE-2026-23060
Medium

A vulnerability in the Linux kernel's authencesn crypto module allows a kernel panic (DoS) via a too-short AAD (assoclen<8). Missing validation of the authentication data length leads to an out-of-bounds read on the destination scatterlist and a NULL pointer dereference.

CVE-2026-20123
Medium

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This is due to improper input validation of HTTP request parameters.

CVE-2026-20111
Medium

A vulnerability in the web-based management interface of Cisco Prime Infrastructure allows an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against users of the interface. This is due to improper validation of user-supplied input.

CVE-2025-70545
Medium

A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. The CGI component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject persistent JavaScript.

CVE-2025-69618
Medium

An arbitrary file overwrite vulnerability in the file import process of Tarot, Astro & Healing v11.4.0 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information.

CVE-2025-69620
Medium

A path traversal vulnerability in Moo Chan Song v4.5.7 allows attackers to write files to internal storage, potentially causing a Denial of Service (DoS).

CVE-2026-1312
MediumEPSS 52%

A SQL injection vulnerability was discovered in Django's `.QuerySet.order_by()` method. The issue occurs when a column alias containing a period is used with `FilteredRelation` and dictionary expansion. Affected versions include 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28; older unsupported series may also be vulnerable.

CVE-2026-1287
MediumEPSS 51%

An SQL injection vulnerability was discovered in Django 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28 in `FilteredRelation` column aliases via control characters. A crafted dictionary with dictionary expansion passed as `**kwargs` to `annotate()`, `aggregate()`, `extra()`, `values()`, `values_list()`, and `alias()` methods can be exploited.

CVE-2026-1207
MediumEPSS 95%

In Django 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28, a vulnerability was found in raster lookups on RasterField (PostGIS only). Remote attackers can inject SQL via the band index parameter.

CVE-2026-23026
Medium

In the Linux kernel, a memory leak was found in the gpi_peripheral_config() function of the QCOM GPI DMA driver. The issue occurs when krealloc() returns NULL, causing loss of reference to previously allocated memory.

CVE-2026-23019
Medium

In the Linux kernel, a NULL pointer dereference vulnerability was found in the Marvell Prestera network driver. The devlink_alloc() function may return NULL on allocation failure, but the code unconditionally calls devlink_priv() on the returned pointer, causing a system crash.

CVE-2025-71191
Medium

In the Linux kernel, the at_hdmac driver has a device reference leak in of_dma_xlate(). The reference taken when looking up the DMA platform device is not dropped after successful channel allocation, causing a memory leak.

CVE-2025-71190
Medium

A vulnerability in the Linux kernel's BCM-SBA-RAID DMA driver causes a device reference leak during probe. The driver fails to drop the reference taken when looking up the mailbox device on probe failures or driver unbind.

CVE-2025-71189
Medium

In the Linux kernel, a vulnerability in the dw_dmamux DMA driver causes an OF node reference leak on late DMA route allocation failure. The reference taken to the DMA master OF node is not released when route allocation fails after the initial setup.

CVE-2025-71188
Medium

W jądrze Linuxa naprawiono podatność związaną z wyciekiem urządzenia podczas alokacji trasy w module dmaengine dla lpc18xx-dmamux. Problem polegał na tym, że utrzymywanie referencji do urządzenia nie zapobiegało usunięciu danych sterownika.

CVE-2025-71186
Medium

In the Linux kernel, a device reference leak was found in the STM32 DMA MUX driver during route allocation. The allocation function failed to drop the reference taken when looking up the DMA mux platform device.

CVE-2025-71185
Medium

In the Linux kernel, a device reference leak was found in the DMA crossbar driver for TI AM335x. The reference to the crossbar platform device was not dropped during route allocation, causing a memory leak.

PreviousPage 305 of 612Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS