Lucene search
K

347 matches found

ATTACKERKB
ATTACKERKB
added 2 days ago5 views

CVE-2026-14178

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS5.8AI score0.00351EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-53052

A flaw was found in the Linux kernel. The Advanced Linux Sound Architecture on Chip ASoC subsystem, specifically within the Qualcomm qdsp6 topology component, fails to verify the type of a virtual widget before accessing its private data. This oversight could allow an attacker to cause incorrect...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pmruntimeput causing usage count underflow This issue is addressed by the commit 443a98e649b4 “soundwire: bus: use pmruntimeresumeandget”. The calls to pmruntimeresumeandget are changed back to...

5.3AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: BPF: Prevent out-of-bounds memory access The testtag test triggers an unhandled page fault: ./testtag 130.640218 CPU 0 Unable to handle kernel paging request at virtual address ffff80001b898004, era ==...

7.8CVSS6.4AI score0.00238EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the missing initialization of the mrioc-evtackcmds array. The commit c1af985d27da “scsi: mpi3mr: Add Event acknowledgment logic” introduced an array mrioc-evtackcmds, but the initialization of its elements was...

5.3AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in opensc

A vulnerability was discovered in the pkcs15-init tool in OpenSC. An attacker could use a specially crafted USB Device or Smart Card, which would send a specially crafted response to APDUs to the system. When buffers are partially filled with data, the initialized parts of the buffer can be...

3.9CVSS6.7AI score0.00293EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fixed an unchecked MSR access error related to HSW. The fuzzer triggers the following trace: 7763.384369 Unchecked MSR access error: WRMSR to 0x689 attempted to write 0x1fffffff8101349e at rIP:...

5.5CVSS5.5AI score0.00204EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in xorg-server. Changing the actions of XKB buttons, such as moving between the touchpad and the mouse, can lead to out-of-bounds memory reads and writes. This may allow for local privilege escalation or potential remote code execution, especially in cases where X11 forwardi...

7.8CVSS6.9AI score0.01587EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdzalloc in opncls.c. Attackers could exploit this vulnerability to cause a denial of service application crash through a crafted ELF fil...

5.5CVSS6.2AI score0.01239EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Free IRQs before removing the device. In the pciendpointtestremove function, freeing the IRQs after removing the device creates a small race window during the test process. This allows IRQs to be received b...

5.2AI score0.00176EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50828

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module versions 1.000 and prior Description An integer overflow or wraparound in the EtherNet/IP function allows a remote attacker to cause a denial-of-service DoS condition. By rapidl...

8.7CVSS6AI score0.00379EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46278

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/imagination: Fix segfault when updating ftrace mask Fix invalid data access by passing right data for debugfs entry. 171.549793 Unable to handle kernel NULL...

5.9AI score0.00155EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/08 8:59 p.m.11 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.4AI score0.00384EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 3:49 p.m.37 views

CVE-2026-46254 AppArmor: Allow apparmor to handle unaligned dfa tables

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Allow apparmor to handle unaligned dfa tables The dfa tables can originate from kernel or userspace and 8-byte alignment isn't always guaranteed and as such may trigger unaligned memory accesses on various architectures...

0.00114EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 2:52 p.m.5 views

SUSE-SU-2026:21912-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

7.4CVSS6.9AI score0.00143EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2026/05/26 2:0 a.m.17 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.7AI score0.0025EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/26 12:0 a.m.11 views

CVE-2026-48685

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgpprotocol.hpp, the parserawbgpattribute function correctly identifies when extendedlengthbit is set and sets lengthoflengthfield...

6.5CVSS5.8AI score0.00295EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/14 7:8 p.m.10 views

CVE-2026-43996

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS
Exploits1
OSV
OSV
added 2026/05/13 8:16 p.m.5 views

UBUNTU-CVE-2026-28379

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/05/13 7:28 p.m.9 views

CVE-2026-28379

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References1
Rows per page
Query Builder