Lucene search
K

312 matches found

OSV
OSV
added 2026/06/26 8:17 p.m.3 views

DEBIAN-CVE-2026-53283

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.9 views

CVE-2026-53283

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

5.5CVSS0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53182

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

7.8CVSS0.00138EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53182

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

8.5CVSS5.7AI score0.00138EPSS
Exploits0References9
CVE
CVE
added 2026/06/25 8:38 a.m.20 views

CVE-2026-53186

CVE-2026-53186 affects the Linux kernel SRP path in RDMA: the SRP_RSP data length (resp_data_len) is not bounded by the actual received bytes, risking an out-of-bounds read when processing sense data. The copy is capped to 96 bytes, but the source offset can point far past the received data, pote...

9.1CVSS6AI score0.00544EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.23 views

CVE-2026-53182

CVE-2026-53182 affects the Linux kernel nl80211: rejects oversized EMA RNR lists in nl80211_parse_rnr_elems, using a u8 counter and capping at 255 to align with the underlying data structure. Several advisories (Red Hat, Debian family, Ubuntu OSV entries, and Root) confirm patches are released in...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53182 wifi: nl80211: reject oversized EMA RNR lists

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.32 views

CVE-2026-53182 wifi: nl80211: reject oversized EMA RNR lists

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

7.8CVSS0.00138EPSS
Exploits0References6
OSV
OSV
added 2026/06/24 9:37 p.m.2 views

SUSE-SU-2026:22270-1 Security update for libgcrypt

This update for libgcrypt fixes the following issue - CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing bsc1262693...

4CVSS5.8AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:37 p.m.2 views

SUSE-SU-2026:22355-1 Security update for libgcrypt

This update for libgcrypt fixes the following issue - CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing bsc1262693...

4CVSS5.8AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 9:36 p.m.2 views

OPENSUSE-SU-2026:21047-1 Security update for libgcrypt

This update for libgcrypt fixes the following issue - CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing bsc1262693...

4CVSS5.8AI score0.00176EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: - svcrdma: The bound check of rqpages index in the inline path. - svcrdmacopyInlineRange: Indexing rqstp-rqpagesrccurpage without verifying that rccurpage remains within the allocated page array. Add guards before the first us...

7.8CVSS6AI score0.00129EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a client-side heap buffer overflow occurred in the FreeRDP client’s AVC420/AVC444 YUV-to-RGB conversion process. This issue arose due to a lack of validation of the horizontal bounds of the H.264 metablock...

8.2CVSS6AI score0.00323EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: validate numifs to prevent out-of-bounds write The driver obtains swattr.numifs from the firmware via dpswgetattributes, but never validates it against DPSWMAXIF 64. This value controls the iteration in...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/19 8:9 p.m.6 views

CVE-2026-49295

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in decodercontext::processreferencepictureset libde265/decctx.cc:1376. The root cause is a missing aggregate bound check on predicted...

7.1CVSS5.9AI score0.00227EPSS
Exploits1
OSV
OSV
added 2026/06/04 7:16 p.m.12 views

UBUNTU-CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

6.5CVSS5.3AI score0.00328EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.7 views

CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

5.8AI score0.00328EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/04 12:0 a.m.11 views

EUVD-2026-34317

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.32 views

CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

0.00328EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 12:0 a.m.23 views

CVE-2026-36499

Open vSwitch v3.6.90 contains a missing upper-bound check in udpif_set_threads(); with OVSDB write access, an attacker can request excessive handler/revalidation threads, causing DoS via resource exhaustion. Documented across NVD entries and vuln lists; exploitation status is not detailed in the ...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1
Rows per page
Query Builder