Lucene search
K

409 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-8720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When...

7.5CVSS6AI score0.00111EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 12:32 a.m.5 views

EUVD-2026-39579

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

5.9CVSS5.9AI score0.00111EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 10:17 p.m.3 views

DEBIAN-CVE-2026-8720

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

7.5CVSS5.8AI score0.00111EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 10:17 p.m.9 views

CVE-2026-8720

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

7.5CVSS0.00111EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 9:18 p.m.23 views

CVE-2026-8720 HMAC-BLAKE2 final discards message when key length exceeds block size

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

5.9CVSS0.00111EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 9:18 p.m.14 views

CVE-2026-8720

CVE-2026-8720 affects wolfSSL’s HMAC-BLAKE2 APIs (wc_Blake2bHmacFinal, wc_Blake2sHmacFinal). When the supplied key length exceeds the BLAKE2 block size, the key-hashing branch reinitializes the running hash state and discards accumulated message data, causing the MAC to depend only on the key and...

7.5CVSS5.9AI score0.00111EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

0.00176EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

5.1CVSS5.7AI score0.00176EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

5.6AI score0.00176EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:38 a.m.3 views

EUVD-2026-39240

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

5.7AI score0.00176EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:38 a.m.9 views

CVE-2026-53149

CVE-2026-53149 affects the Linux kernel thunderbolt subsystem. The root cause is a missing bounds check in __tb_property_parse_dir(): content_offset + content_len is not verified to fit within block_len for the root directory case. If rootdir->length is at least block_len - 2, the entry loop m...

5.7AI score0.00176EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53133

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52605

Name of the Vulnerable Software and Affected Versions wolfSSL version 5.9.0 Description The functions wc Blake2bHmacFinal and wc Blake2sHmacFinal discard the message when the key length exceeds the block size. This occurs because the key-hashing branch reinitializes the running hash state, which...

7.5CVSS5.9AI score0.00111EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/20 2:28 a.m.10 views

SUSE CVE-2026-55392

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7CVSS5.8AI score0.00105EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A shift-out-of-bounds condition has been fixed due to an overly large exponent of the block size. If the slogblocksize field in the superblock data is corrupted and too large, initnilfs and loadnilfs may still trigger a...

5.7AI score0.00168EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext2: Check block size validity during mount It is necessary to ensure that the value of the block size recorded in the superblock is valid. Otherwise, the shift operation used to calculate the block size may overflow, resulting ...

7.8CVSS5.3AI score0.00143EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Block: A check was added to ensure that the partition size must be aligned with the block size. Before calling the add partition or resize partition functions, there was no check to verify whether the partition size was aligned...

5.5CVSS5.2AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Qemu

A “off-by-one” read/write issue was identified in the SDHCI device of QEMU. This issue occurs when reading/writing the Buffer Data Port Register using the sdhcireaddataport and sdhciwritedataport functions, specifically when datacount == blocksize. A malicious guest could exploit this flaw to cra...

8.6CVSS6.9AI score0.00802EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: When performing a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since changing the block size also affects the...

6AI score0.00156EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Qemu

In QEMU versions up to 8.0.0, a division by zero can occur in the scsidiskreset function in hw/scsi/scsi-disk.c. This occurs because scsidiskemulatemodeselect does not prevent the s-qdev blocksize from being 256. This causes QEMU and the guest to stop functioning immediately...

5.5CVSS6.2AI score0.00376EPSS
Exploits1References2
Rows per page
Query Builder