CVE-2025-36428
- EPSS 0.3%
- Veröffentlicht 30.01.2026 21:27:26
- Zuletzt bearbeitet 05.02.2026 19:39:41
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCA...
CVE-2025-36442
- EPSS 0.39%
- Veröffentlicht 30.01.2026 21:18:24
- Zuletzt bearbeitet 05.02.2026 19:39:37
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns.
CVE-2026-23011
- EPSS 0.19%
- Veröffentlicht 25.01.2026 14:36:24
- Zuletzt bearbeitet 25.03.2026 19:51:11
In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gre: make ip6gre_header() robust") Over the years, syzbot found many ways to crash the kernel in ipgre...
CVE-2026-23004
- EPSS 0.12%
- Veröffentlicht 25.01.2026 14:36:18
- Zuletzt bearbeitet 27.04.2026 14:16:29
In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() syzbot was able to crash the kernel in rt6_uncached_list_flush_dev() in an interesting way [1] Crash happens i...
CVE-2026-23003
- EPSS 0.47%
- Veröffentlicht 25.01.2026 14:36:17
- Zuletzt bearbeitet 27.04.2026 14:16:29
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did not take care of VLAN encapsulations as spotted by syzbot [1]. Use skb_vlan_inet_prepare() instead of ...
CVE-2026-23001
- EPSS 0.19%
- Veröffentlicht 25.01.2026 14:36:15
- Zuletzt bearbeitet 27.04.2026 14:16:28
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (struct macvlan_source_entry)->vlan. Whenever macvlan_hash_del_source() is called, we must clear entry-...
CVE-2026-23000
- EPSS 0.15%
- Veröffentlicht 25.01.2026 14:36:14
- Zuletzt bearbeitet 24.02.2026 21:01:41
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash on profile change rollback failure mlx5e_netdev_change_profile can fail to attach a new profile and can fail to rollback to old profile, in such case, we could...
CVE-2026-22999
- EPSS 0.2%
- Veröffentlicht 25.01.2026 14:36:13
- Zuletzt bearbeitet 27.04.2026 14:16:28
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_change_class() error case. cl->qdisc and cl should only be freed if a new class and qdisc were alloc...
CVE-2026-22997
- EPSS 0.42%
- Veröffentlicht 25.01.2026 14:36:12
- Zuletzt bearbeitet 27.04.2026 14:16:28
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts Since j1939_session_deactivate_activate_next() in j1939_tp_rxtimer() is called ...
CVE-2026-22998
- EPSS 0.71%
- Veröffentlicht 25.01.2026 14:36:12
- Zuletzt bearbeitet 27.04.2026 14:16:28
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Commit efa56305908b ("nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length") added ttag boun...