Lucene search
K

1422 matches found

RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-58207

A flaw was found in NATS Server. A client with the ability to send account-scoped connection monitoring requests could crash the server. This is achieved by providing pagination offset and limit values that cause an arithmetic overflow, leading to a Denial of Service DoS. Mitigation Upstream...

7.7CVSS6AI score0.0056EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-38076

A flaw was found in jbig2dec. An integer overflow vulnerability in the jbig2arithiaidctxnew function allows a remote attacker to cause a Denial of Service DoS by providing a specially crafted input. This can lead to the affected system becoming unresponsive or crashing, disrupting its normal...

7.5CVSS6.1AI score0.00166EPSS
Exploits0References6
EUVD
EUVD
added yesterday4 views

EUVD-2026-42767

An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS6AI score0.00166EPSS
Exploits0References4
CVE
CVE
added 2 days ago11 views

CVE-2026-38076

CVE-2026-38076 concerns an integer overflow in the Artifex jbig2dec code, specifically the function jbig2_arith_iaid_ctx_new() introduced in commit cc37d0. This overflow can be triggered by a crafted input to cause a Denial of Service (DoS) by making the affected system unresponsive or crash. The...

7.5CVSS6AI score0.00166EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 8:4 p.m.8 views

CVE-2026-52972

A flaw was found in the Linux kernel's afalg cryptography module. This vulnerability involves an arithmetic overflow when processing associated data lengths during the transmit buffer size check. A remote attacker could exploit this flaw by providing a specially crafted associated data length,...

7CVSS6AI score0.0014EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:29 a.m.2 views

SUSE-SU-2026:22376-1 Security update for google-guest-agent

This update for google-guest-agent fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260264. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allo...

10CVSS6.7AI score0.01557EPSS
Exploits1References21
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53171

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

8.8CVSS0.00137EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53171 accel/ethosu: fix arithmetic issues in dma_length()

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

8.8CVSS0.00137EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.3 views

The vulnerability of the `snd_usb_create_streams()` function in Linux operating system USB audio drivers allows a hacker to cause a service failure.

The vulnerability of the sndusbcreatestreams function in the Linux operating system’s USB audio driver is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References15Affected Software4
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-52968

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

0.0018EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52968

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

5.7AI score0.0018EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in openexr

OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. From version 3.2.0 up to versions 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder used signed 32-bit arithmetic to construct temporary per-component block...

8.8CVSS5.7AI score0.00419EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-51862

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM s390 PCI implementation where the GAIT table is indexed using double-scaling pointer arithmetic. The functions kvm s390 pci aif enable, kvm s390 pci aif disabl...

6AI score0.0018EPSS
Exploits0References15
OSV
OSV
added 2026/06/20 6:52 a.m.2 views

SUSE-SU-2026:22193-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267109. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

10CVSS5.9AI score0.00781EPSS
Exploits0References25
Cvelist
Cvelist
added 2026/06/19 6:14 p.m.22 views

CVE-2026-49293 CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration...

7.5CVSS0.00415EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in protobuf-c

It was discovered that Protobuf-c v1.4.0 contains an invalid arithmetic shift through the parsetagandwiretype function in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

5.5CVSS6.3AI score0.01065EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1, Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm – Fixed a memory corruption issue A few lines above, space is allocated using kzalloc for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate mvm-nvmdata is a struct iwlnvmdata...

7.8CVSS6.2AI score0.00237EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxt: Avoid overflow in bnxtgetnvramdirectory. The value of an arithmetic expression may be subject to overflow due to a failure to cast the operands to a larger data type before performing arithmetic operations. A macro was used...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 12:0 p.m.18 views

RUSTSEC-2026-0176 Out-of-bounds read in `nth` / `nth_back` for `PyList` and `PyTuple` iterators

PyO3 0.24.0 added optimized implementations of Iterator::nth and DoubleEndedIterator::nthback for the BoundListIterator and BoundTupleIterator types. These implementations computed the target index using unchecked usize addition index + n before bounds-checking against the sequence length, then...

5.8AI score
Exploits0References3
RustSec
RustSec
added 2026/06/11 12:0 p.m.12 views

Out-of-bounds read in `nth` / `nth_back` for `PyList` and `PyTuple` iterators

PyO3 0.24.0 added optimized implementations of Iterator::nth and DoubleEndedIterator::nthback for the BoundListIterator and BoundTupleIterator types. These implementations computed the target index using unchecked usize addition index + n before bounds-checking against the sequence length, then...

5.8AI score
Exploits0Affected Software1
Rows per page
Query Builder