VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1740 advisories across 32 monitored vendors.
Arbitrary code execution via pickle deserialization bypass. Red Hat rates this important (CVSS 8.8). Weakness: CWE-693.
Arbitrary code execution due to incomplete denylist in deserialization. Red Hat rates this important (CVSS 8.8). Weakness: CWE-184.
Arbitrary Code Execution via Untrusted JAR File Loading. Red Hat rates this important (CVSS 7.8). Weakness: CWE-347.
In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In __ip6_append_data(), when the paged-allocation branch is taken (MSG_MORE / NETIF_F_SG / large fraglen), alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen; pagedlen = datalen - transhdrlen; datalen already includes fraggap (datalen = length + fraggap). When fraggap is non-zero, this is not the first skb and transhdrlen is zero. The fraggap bytes carried over from the previous skb are copied just past the fragment headers in the new skb's linear area. The linear area is therefore undersized by fraggap bytes while pagedlen is overstated by the same amount, and the copy writes past skb->end into the trailing skb_shared_info. An unprivileged user can trigger this via a UDPv6 socket using MSG_MORE together with MSG_SPLICE_PAGES. The bad accounting was introduced by commit 773ba4fe9104 ("ipv6: avoid partial copy for zc"). Before commit ce650a166335 ("udp6: Fix __ip6_append_data()'s handling of MSG_SPLICE_PAGES"), the negative copy value caused -EINVAL to be returned. That later commit allowed MSG_SPLICE_PAGES to proceed in this case, making the corruption triggerable. After this adjustment, copy no longer collapses to -fraggap on the paged path, so remove the stale comment describing that old arithmetic.
Require in-GHCB scratch area if GHCB v2+ is in use. Red Hat rates this important (CVSS 7). Weakness: CWE-787.
Fix shadow paging use-after-free due to unexpected role. Red Hat rates this important (CVSS 7.8). Weakness: CWE-825. Red Hat lists fixing advisory RHSA-2026:36957 with package kernel-0:5.14.0-570.127.1.el9_6, kernel-0:6.12.0-211.32.1.el10_2, kernel-0:5.14.0-427.137.1.el9_4, kernel-0:5.14.0-687.24.1.el9_8. Affected products named by the advisory: Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 1.
Set gc_in_progress to true in unix_gc(). Red Hat rates this moderate (CVSS 7). Weakness: CWE-366.
Arbitrary code execution via deserialization vulnerability. Red Hat rates this important (CVSS 8.8). Weakness: CWE-502.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene. Net (Lucene. Net.Replicator library). This issue affects Apache Lucene. Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes the issue.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene. Net (Lucene. Net.Replicator library). This issue affects Apache Lucene. Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes the issue.
Man-in-the-middle attack via SSH host key bypass. Red Hat rates this important (CVSS 7.4). Weakness: CWE-347. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Information disclosure due to persistent Referer header. Red Hat rates this important (CVSS 7.5). Weakness: CWE-201. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Information disclosure via cached SSL session and early data. Red Hat rates this important (CVSS 7.5). Weakness: CWE-295.
Use-after-free via curl_easy_pause() in CURLMOPT_SOCKETFUNCTION callback. Red Hat rates this important (CVSS 7.3). Weakness: CWE-825. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Information disclosure due to failure to clear proxy authentication credentials. Red Hat rates this important (CVSS 7.5). Weakness: CWE-212. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Security feature bypass due to improper mTLS connection reuse. Red Hat rates this important (CVSS 7.5). Weakness: CWE-1025. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Information disclosure due to uncleared proxy authentication state. Red Hat rates this important (CVSS 7.5). Weakness: CWE-201. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Double-free vulnerability in SASL authentication. Red Hat rates this important (CVSS 8.1). Weakness: CWE-1341. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
Insecure connection establishment due to TLS configuration mismatch. Red Hat rates this important (CVSS 8.1). Weakness: CWE-295. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.
SSH host verification bypass when using schemeless URLs with SFTP/SCP. Red Hat rates this important (CVSS 7.5). Weakness: CWE-358. Red Hat lists fixing advisory RHSA-2026:34975 with package rust-main-1.96.1-1.hum1.