Export limit exceeded: 35344 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35344 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-43092 | 1 Linux | 1 Linux Kernel | 2026-05-19 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: xsk: validate MTU against usable frame size on bind AF_XDP bind currently accepts zero-copy pool configurations without verifying that the device MTU fits into the usable frame space provided by the UMEM chunk. This becomes a problem since we started to respect tailroom which is subtracted from chunk_size (among with headroom). 2k chunk size might not provide enough space for standard 1500 MTU, so let us catch such settings at bind time. Furthermore, validate whether underlying HW will be able to satisfy configured MTU wrt XSK's frame size multiplied by supported Rx buffer chain length (that is exposed via net_device::xdp_zc_max_segs). | ||||
| CVE-2026-43093 | 1 Linux | 1 Linux Kernel | 2026-05-19 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: xsk: tighten UMEM headroom validation to account for tailroom and min frame The current headroom validation in xdp_umem_reg() could leave us with insufficient space dedicated to even receive minimum-sized ethernet frame. Furthermore if multi-buffer would come to play then skb_shared_info stored at the end of XSK frame would be corrupted. HW typically works with 128-aligned sizes so let us provide this value as bare minimum. Multi-buffer setting is known later in the configuration process so besides accounting for 128 bytes, let us also take care of tailroom space upfront. | ||||
| CVE-2026-43095 | 1 Linux | 1 Linux Kernel | 2026-05-19 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdca_irq_populate() from component probe using devm_request_threaded_irq(), this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers store references to the card and the kcontrols which can then fail. Some detail of the crash was explained in [1]. Generally it is not advised to use devm outside of bus probe, so the code is updated to not use devm. The IRQ requests are not moved to bus probe time as it makes passing the snd_soc_component into the IRQs very awkward and would the require a second step once the component is available, so it is simpler to just register the IRQs at this point, even though that necessitates some manual cleanup. | ||||
| CVE-2026-31378 | 1 Apache | 1 Ofbiz | 2026-05-19 | 6.5 Medium |
| Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. | ||||
| CVE-2021-42295 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 5.5 Medium |
| Visual Basic for Applications Information Disclosure Vulnerability | ||||
| CVE-2022-24461 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2024-20673 | 1 Microsoft | 8 Excel, Office, Office Long Term Servicing Channel and 5 more | 2026-05-19 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2022-24511 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2026-05-19 | 5.5 Medium |
| Microsoft Office Word Tampering Vulnerability | ||||
| CVE-2022-41063 | 1 Microsoft | 6 365 Apps, Excel, Office and 3 more | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2023-36897 | 1 Microsoft | 8 365 Apps, Office, Office Long Term Servicing Channel and 5 more | 2026-05-19 | 8.1 High |
| Visual Studio Tools for Office Runtime Spoofing Vulnerability | ||||
| CVE-2024-26257 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2022-24509 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2021-43875 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Office Graphics Remote Code Execution Vulnerability | ||||
| CVE-2022-21840 | 1 Microsoft | 10 365 Apps, Excel, Office and 7 more | 2026-05-19 | 8.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2022-41060 | 1 Microsoft | 8 365 Apps, Office, Office Long Term Servicing Channel and 5 more | 2026-05-19 | 5.5 Medium |
| Microsoft Word Information Disclosure Vulnerability | ||||
| CVE-2022-21841 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2022-24473 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2023-33152 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7 High |
| Microsoft ActiveX Remote Code Execution Vulnerability | ||||
| CVE-2025-21402 | 1 Microsoft | 6 Office, Office Long Term Servicing Channel, Office Macos 2021 and 3 more | 2026-05-19 | 7.8 High |
| Microsoft Office OneNote Remote Code Execution Vulnerability | ||||
| CVE-2023-33161 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-05-19 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||