Lucene search
K

616 matches found

Positive Technologies
Positive Technologies
added 5 days ago9 views

PT-2026-57215

Name of the Vulnerable Software and Affected Versions adm-zip versions prior to 0.5.18 Description A denial-of-service issue exists when parsing crafted ZIP files with a manipulated uncompressed size header field. The library allocates memory based on the declared uncompressed size from the ZIP...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References5
OSV
OSV
added 2026/07/08 11:35 a.m.6 views

BIT-PHP-MIN-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/03 8:57 p.m.86 views

CVE-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 8:45 a.m.5 views

CVE-2026-53227

A flaw was found in the Linux kernel's Open vSwitch OVS component. This issue occurs due to incorrect error handling during the allocation of a 'reply' skb socket buffer after locking the ovsmutex. If the allocation fails, an invalid pointer may be passed to kfreeskb, leading to a system crash an...

5.5CVSS5.7AI score0.00136EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 8:38 a.m.3 views

CVE-2026-53132 vsock/virtio: fix potential unbounded skb queue

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52461

Name of the Vulnerable Software and Affected Versions List::SomeUtils::XS versions prior to 0.59 Description A heap buffer overflow exists in the pairwise function. The function collects values returned by a block into a heap buffer sized according to the longer input array. When the buffer needs...

7.5CVSS6AI score0.00419EPSS
Exploits0References22
CVE
CVE
added 2026/06/24 4:30 p.m.9 views

CVE-2026-53102

Summary of CVE-2026-53102 (Linux kernel / wifi: mt76): The vulnerability concerns a memory leak in the mt76 driver for the mt76 wireless stack. Specifically, in mt76_connac_mcu_alloc_sta_req(), an skb allocated for MCU messaging is expected to be freed by mt76_mcu_skb_send_msg(), but if intermedi...

5.8AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Input: pegasus-notetaker – fixed potential out-of-bounds access issues. In the pegasusnotetaker driver, the pegasusprobe function allocates the URB transfer buffer using the wMaxPacketSize value from the endpoint descriptor. An...

5.9AI score0.00184EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 10:16 p.m.10 views

CVE-2026-48510

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from the wire and allocates output buffers based on those lengths before validating that the compressed...

7.5CVSS0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:16 p.m.6 views

CVE-2026-48510

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from the wire and allocates output buffers based on those lengths before validating that the compressed...

7.5CVSS5.9AI score0.00236EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.16 views

PT-2026-51394

Name of the Vulnerable Software and Affected Versions MessagePack for C versions prior to 2.5.301 MessagePack for C versions prior to 3.1.7 Description When decompressing Lz4Block or Lz4BlockArray payloads, the software reads declared uncompressed lengths from the wire and allocates output buffer...

7.5CVSS5.9AI score0.00236EPSS
Exploits0References7
OSV
OSV
added 2026/06/18 9:16 p.m.7 views

DEBIAN-CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

6.5CVSS6AI score0.00263EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/17 11:5 p.m.13 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.15 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 3:45 p.m.10 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References7
Redos
Redos
added 2026/06/15 12:0 a.m.9 views

ROS-20260615-73-0041

The vulnerability of the yuvensurebuffer function in the RDP client FreeRDP is related to incorrect calculations of the size of the buffer allocated. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted NAL packets...

7.5CVSS5.7AI score0.00265EPSS
Exploits0
OSV
OSV
added 2026/06/12 3:16 p.m.7 views

UBUNTU-CVE-2026-45416

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.5AI score0.00461EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/12 2:10 p.m.12 views

EUVD-2026-36436

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 2:10 p.m.2 views

CVE-2026-45416 Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates...

7.5CVSS6.1AI score0.00461EPSS
Exploits0References14
CVE
CVE
added 2026/06/12 2:10 p.m.315 views

CVE-2026-45416

Netty CVE-2026-45416 affects pre-4.1.135.Final and pre-4.2.15.Final versions. In SslClientHelloHandler.decode(), the 24-bit TLS handshake length is read and, if a ClientHello does not fit in the first record, Netty eagerly allocates ctx.alloc().buffer(handshakeLength). If maxClientHelloLength is ...

7.5CVSS5.4AI score0.00461EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder