CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/27 2:17 p.m.•6 views

CVE-2026-46006

7.8CVSS0.00013EPSS

Cvelist•added 2026/05/27 12:56 p.m.•40 views

CVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds check

7.8CVSS0.00013EPSS

CVE•added 2026/05/27 12:56 p.m.•10 views

CVE-2026-46006

The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...

7.8CVSS5.8AI score0.00013EPSS

Tenable Nessus•added 2026/01/22 12:0 a.m.•1 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37858)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37858 advisory. - In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG...

5.5CVSS6.9AI score0.00032EPSS

Exploits0References2

Tenable Nessus•added 2025/12/31 12:0 a.m.•1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992780)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992780 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation...

5.5CVSS6.3AI score0.00032EPSS

Exploits0References4

Tenable Nessus•added 2025/10/21 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987690)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987690 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: designware: use casting of u64 in clock multiplication to avoid overflow In functions...

5.5CVSS5.9AI score0.00014EPSS

Exploits0References4

Tenable Nessus•added 2025/08/11 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-37858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this...

5.5CVSS6.9AI score0.00032EPSS

Exploits0References2

Tenable Nessus•added 2025/08/09 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2022-49749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: designware: use casting of u64 in clock multiplication to avoid overflow In functions i2cdwscllcnt and i2cdwsclhcnt may have overflow by depending on the...

5.5CVSS6.2AI score0.00014EPSS

AstraLinux•added 2025/06/16 11:28 a.m.•3 views

Astra Linux – Vulnerability in SQLite3

In SQLite 3.49.0 before 3.49.1, certain argument values passed to sqlite3dbconfig in the C-language API can cause a denial of service application crash. A sznBig multiplication is not cast to a 64-bit integer, which can lead to incorrect memory allocations...

5.6CVSS6.6AI score0.00039EPSS

SUSE CVE•added 2025/05/10 2:52 a.m.•1 views

SUSE CVE-2025-37858

In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...

5.3CVSS8.1AI score0.00032EPSS

Exploits0References16

OSV•added 2025/04/10 2:15 p.m.•2 views

ALPINE-CVE-2025-29088

In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

5.5CVSS6.8AI score0.00039EPSS

OSV•added 2025/04/10 2:15 p.m.•0 views

DEBIAN-CVE-2025-29088

5.6CVSS5.5AI score0.00039EPSS

FreeBSD•added 2025/04/10 12:0 a.m.•7 views

SQLite -- application crash

[email protected] reports: In SQLite 3.49.0 before 3.49.1, certain argument values to sqlite3dbconfig in the C-language API can cause a denial of service application crash. An sznBig multiplication is not cast to a 64-bit integer, and consequently some memory allocations may be incorrect...

5.6CVSS6.3AI score0.00039EPSS

OSV•added 2025/03/27 5:15 p.m.•1 views

DEBIAN-CVE-2022-49749

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: use casting of u64 in clock multiplication to avoid overflow In functions i2cdwscllcnt and i2cdwsclhcnt may have overflow by depending on the values of the given parameters including the icclk. For example in our...

5.5CVSS5.3AI score0.00014EPSS

OSV•added 2025/03/27 5:15 p.m.•1 views

UBUNTU-CVE-2022-49749

5.5CVSS6AI score0.00014EPSS

SUSE CVE•added 2023/02/15 5:24 a.m.•2 views

SUSE CVE-2014-9627

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large bo...

7.8CVSS7AI score0.00338EPSS