Lucene search
K

605 matches found

Cvelist
Cvelist
added 6 days ago75 views

CVE-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 8:45 a.m.5 views

CVE-2026-53227

A flaw was found in the Linux kernel's Open vSwitch OVS component. This issue occurs due to incorrect error handling during the allocation of a 'reply' skb socket buffer after locking the ovsmutex. If the allocation fails, an invalid pointer may be passed to kfreeskb, leading to a system crash an...

5.5CVSS5.7AI score0.00136EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52461

Name of the Vulnerable Software and Affected Versions List::SomeUtils::XS versions prior to 0.59 Description A heap buffer overflow exists in the pairwise function. The function collects values returned by a block into a heap buffer sized according to the longer input array. When the buffer needs...

7.5CVSS6AI score0.00419EPSS
Exploits0References10
NVD
NVD
added 2026/06/22 10:16 p.m.9 views

CVE-2026-48510

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from the wire and allocates output buffers based on those lengths before validating that the compressed...

7.5CVSS0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:16 p.m.6 views

CVE-2026-48510

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from the wire and allocates output buffers based on those lengths before validating that the compressed...

7.5CVSS5.9AI score0.00236EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.13 views

PT-2026-51394

Name of the Vulnerable Software and Affected Versions MessagePack for C versions prior to 2.5.301 MessagePack for C versions prior to 3.1.7 Description When decompressing Lz4Block or Lz4BlockArray payloads, the software reads declared uncompressed lengths from the wire and allocates output buffer...

7.5CVSS5.9AI score0.00236EPSS
Exploits0References7
OSV
OSV
added 2026/06/18 9:16 p.m.6 views

DEBIAN-CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

6.5CVSS6AI score0.00263EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/17 11:5 p.m.8 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.12 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 3:45 p.m.6 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
Redos
Redos
added 2026/06/15 12:0 a.m.7 views

ROS-20260615-73-0041

The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...

7.5CVSS5.7AI score0.00265EPSS
Exploits0
OSV
OSV
added 2026/06/12 3:16 p.m.4 views

UBUNTU-CVE-2026-45416

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.5AI score0.00461EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/12 2:10 p.m.11 views

EUVD-2026-36436

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References3
CVE
CVE
added 2026/06/12 2:10 p.m.264 views

CVE-2026-45416

Netty CVE-2026-45416 affects pre-4.1.135.Final and pre-4.2.15.Final versions. In SslClientHelloHandler.decode(), the 24-bit TLS handshake length is read and, if a ClientHello does not fit in the first record, Netty eagerly allocates ctx.alloc().buffer(handshakeLength). If maxClientHelloLength is ...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References11Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2026/06/09 12:0 a.m.20 views

QEMU calc_image_hostmem Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of QEMU. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu driver. Th...

8.8CVSS7.7AI score
Exploits0References1
OSV
OSV
added 2026/06/08 5:16 p.m.6 views

UBUNTU-CVE-2026-46305

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

5.3AI score0.00145EPSS
Exploits0References5
CVE
CVE
added 2026/06/08 3:46 p.m.28 views

CVE-2026-46305

CVE-2026-46305 affects the Linux kernel, specifically the staging/rtl8723bs path. The issue arises when kzalloc_flex()’s return value is used without checking for allocation failure, leading to a potential NULL pointer dereference when accessing the allocated structure. The fix guards access to t...

5.5CVSS5.4AI score0.00145EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.8 views

CVE-2026-44004

A flaw was found in vm2 before 3.11.0. Sandboxed code can call Buffer.alloc with arbitrary size to allocate on the host heap synchronously; vm2 timeout cannot interrupt the native C++ call, allowing a single request to exhaust host memory and crash the process. Fixed in 3.11.0...

8.6CVSS6AI score0.00424EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:50 p.m.7 views

CVE-2026-46272

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WARNON in tmcetrenablehw is triggered sometimes: WARNING: CPU: 42 PID: 3911571 at...

5.8AI score0.00088EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/03 3:50 p.m.27 views

CVE-2026-46272

The CVE-2026-46272 issue is a race in the Linux kernel CoreSight TMC ETR driver that occurs when sysfs and perf modes are enabled concurrently. A WARN_ON in tmc_etr_enable_hw() can trigger due to a race between the two critical regions (sysfs buffer allocation vs. hardware enablement). The fix ad...

4.7CVSS5.9AI score0.00088EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder