Lucene search
K

5415 matches found

OSV
OSV
added 2026/06/09 5:17 p.m.8 views

ALPINE-CVE-2026-34180

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

7.5CVSS5.8AI score0.00513EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/09 5:5 p.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

8.7CVSS5.3AI score0.0243EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/09 5:5 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

8.7CVSS5.3AI score0.0243EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.41 views

CVE-2026-34180 Heap Buffer Over-read in ASN.1 Content Parsing

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

0.00513EPSS
Exploits0References6
CVE
CVE
added 2026/06/09 4:3 p.m.200 views

CVE-2026-34180

CVE-2026-34180 describes a heap buffer over-read in OpenSSL’s DER/ASN.1 content parsing. On 64-bit Unix-like systems, a crafted ASN.1 primitive whose content exceeds 2 GB can cause the decoder to miscalculate content length, potentially leading to a read past the end of the input buffer or a cras...

7.5CVSS5.8AI score0.00513EPSS
Exploits0References6Affected Software1
Xen Project
Xen Project
added 2026/06/09 12:0 p.m.15 views

x86: mismatched mapcache metadata

ISSUE DESCRIPTION Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache. IMPACT Privilege escalation, Denial of...

8.1CVSS5.5AI score0.00353EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office Word 缓冲区错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft and open sourced. There are security vulnerabilities in Microsoft Office Word. Attackers can exploit these vulnerabilities to obtain sensitive information. The following products and versions are affected: Microsoft 365 Ap...

3.3CVSS5.8AI score0.00371EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.18 views

Microsoft Windows Universal Plug and Play 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems, Windows 10 Version 1809 for x64-based Systems...

8.1CVSS5.8AI score0.0052EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/08 8:59 p.m.13 views

CVE-2026-46384

An integer overflow flaw was found in Go Avro in decoding logic. Multiple decoder paths performs unsafe integer conversions and overflow-prone arithmetic operations on attacker-controlled values from Avro payloads. A remote attacker during Avro decoder operations could exploit this issue using...

8.7CVSS5.3AI score0.00397EPSS
Exploits0References4
NVD
NVD
added 2026/05/29 8:16 p.m.20 views

CVE-2026-46384

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets...

8.7CVSS0.00397EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46147 KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu()

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...

0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.15 views

SUSE CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

5.5CVSS5.8AI score0.00143EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.10 views

CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

7.8CVSS0.00143EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-46026

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:16 p.m.8 views

UBUNTU-CVE-2026-45860

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: increase the connection clean up limit to 64 After the optimization to only perform one GC per jiffy, a new problem was introduced. If more than 8 new connections are tracked per jiffy the list won't be...

7.5CVSS5.7AI score0.00686EPSS
Exploits0References9
CVE
CVE
added 2026/05/27 12:56 p.m.28 views

CVE-2026-46006

The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...

7.8CVSS5.8AI score0.00143EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.3 views

CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

7.8CVSS6.2AI score0.00143EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/27 12:56 p.m.13 views

EUVD-2026-32303

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

5.8AI score0.00143EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.48 views

CVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds check

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

7.8CVSS0.00143EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicio...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References3
Rows per page
Query Builder