Lucene search
K

249 matches found

OSV
OSV
added 2026/06/24 8:16 a.m.3 views

UBUNTU-CVE-2026-52927

In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix OOB read in compatmtwfromuser Luxiao Xu says: The function compatmtwfromuser converts ebtables extensions from 32-bit user structures to kernel native structures. However, it lacks proper validation of th...

7.8CVSS5.6AI score0.0012EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-52915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsn...

7.1CVSS6AI score0.00126EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 7:40 p.m.14 views

EUVD-2026-33433

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS5.9AI score0.0042EPSS
Exploits1References1
OSV
OSV
added 2026/05/26 7:31 p.m.19 views

JLSEC-2026-541

A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as...

8.3CVSS6.9AI score0.01329EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Atacade: Ahci: Matching EMMAXSLOTS with SATAPMPMAXPORTS UBSAN reports an array-index-out-of-bounds issue: 1.980703 Kernel: UBSAN: Array-index out of bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 1.980709...

7.8CVSS6.2AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups. Oliver reported that x86pmudel actually performs an out-of-bound memory access when groupschedin fails and requires a rollback. This issue should be handled through transaction...

7.8CVSS4.5AI score0.00129EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.7 views

CVE-2026-43141

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...

7.1CVSS5.7AI score0.00131EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from array out-of-bounds access during the 22000 series SMEM parsing in iwlwifi...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.21 views

RHEL 8 : kernel (RHSA-2026:13577)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13577 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nvme: avoid double free speci...

9.8CVSS6.7AI score0.96267EPSS
Exploits230References14
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offs...

7.1CVSS6.7AI score0.00126EPSS
Exploits0References3
NVD
NVD
added 2026/04/24 3:16 p.m.8 views

CVE-2026-31607

In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...

9.8CVSS0.00311EPSS
Exploits0References17
OSV
OSV
added 2026/04/16 6:9 p.m.8 views

CLSA-2026-1776362968 Fix CVE(s): CVE-2026-0968

SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...

3.1CVSS5.8AI score0.00442EPSS
Exploits0References1
OSV
OSV
added 2026/04/16 5:49 p.m.15 views

CLSA-2026-1776361748 Fix CVE(s): CVE-2026-0968

SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...

3.1CVSS5.8AI score0.00442EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006813 advisory. In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out o...

7.1CVSS6.4AI score0.0028EPSS
Exploits0References3
OSV
OSV
added 2026/03/30 9:43 p.m.6 views

CVE-2026-33987 FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistentcachereadentryv3 in libfreerdp/cache/persistent.c, persistent-bmpSize is updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

7.1CVSS5.8AI score0.001EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.30 views

CVE-2026-23378 net/sched: act_ife: Fix metalist update behavior

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: Fix metalist update behavior Whenever an ife action replace changes the metalist, instead of replacing the old data on the metalist, the current ife code is appending the new metadata. Aside from being...

7.8CVSS0.00129EPSS
Exploits0References6
NVD
NVD
added 2026/03/10 7:43 a.m.9 views

CVE-2026-28493

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16, an integer overflow vulnerability exists in the SIXEL decoer. The vulnerability allows an attacker to perform an out of bounds via a specially crafted image. This vulnerabili...

6.5CVSS0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/03 1:37 p.m.7 views

CVE-2026-20426

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538...

6.7CVSS5.9AI score0.00077EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/24 12:0 a.m.8 views

MiracleLinux 8 : kernel-4.18.0-553.105.1.el8_10 (AXSA:2026-216:13)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-216:13 advisory. kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in...

5.7AI score0.00171EPSS
Exploits0References4
NVD
NVD
added 2026/02/13 5:16 p.m.8 views

CVE-2025-70121

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...

7.5CVSS0.0034EPSS
Exploits1References1
Rows per page
Query Builder