Lucene search
K

1274 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.11 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-46597)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-46597 advisory. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM pack...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.14 views

SUSE CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.9 views

CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

7.8CVSS0.00129EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.4 views

UBUNTU-CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.3 views

CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.45 views

CVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds check

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

7.8CVSS0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/05/27 12:56 p.m.25 views

CVE-2026-46006

The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/05/22 4:16 a.m.5 views

UBUNTU-CVE-2026-46598

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

5.3CVSS5.8AI score0.00313EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/22 2:31 a.m.9 views

CVE-2026-46598

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

5.3CVSS5.8AI score0.00313EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/22 2:31 a.m.8 views

CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

5.8AI score0.00359EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.57 views

CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

0.00359EPSS
Exploits0References4
OSV
OSV
added 2026/05/22 2:8 a.m.9 views

GO-2026-5033 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

5.3CVSS5.8AI score0.00313EPSS
Exploits0References3
NVD
NVD
added 2026/05/20 6:16 p.m.19 views

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

6.1CVSS0.00298EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in imagemagick

In the RestoreMSCWarning function in /coders/pdf.c, there are several places where calls to GetPixelIndex may result in values that are outside the range that can be represented by the unsigned char type. The patch converts the return value of GetPixelIndex to the ssizet type to avoid this bug...

4.3CVSS6.5AI score0.01161EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.12 views

Secure (Multiple) Key-Cast over Networks: Multiple Eavesdropping Nodes

We study the secure multiple key-cast problem over noiseless networks under node-based eavesdroppers, where one or more source nodes participate in the generation of distinct secret keys to be shared among designated terminal subsets, while an eavesdropper observing up to $\ell$ nodes, including...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017598)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017598 advisory. There are 4 places in HistogramCompare in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values...

4.3CVSS5.9AI score0.01163EPSS
Exploits1References4
CVE
CVE
added 2026/05/08 10:47 p.m.26 views

CVE-2026-41682

CVE-2026-41682 affects pupnp (UPnP SDK); prior to 1.18.5 it is vulnerable to SRRF/port-confusion from port truncation caused by atoi() in parse_uri(). Patch available in pupnp 1.18.5. CVSS 4.0 base score 6.9 (MEDIUM).

6.9CVSS5.7AI score0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 10:47 p.m.46 views

CVE-2026-41682 pupnp: Port truncation via atoi() cast in parse_uri() allows SSRF port confusion

pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi cast in parseuri. This issue has been patched in version 1.18.5...

6.9CVSS0.00346EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/08 10:39 p.m.8 views

CVE-2026-8009

An inappropriate implementation flaw was found in the Cast component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496555077...

5CVSS5.7AI score0.0012EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/08 10:39 p.m.12 views

CVE-2026-8007

An insufficient validation of untrusted input flaw was found in the Cast component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496399759...

9CVSS5.7AI score0.0019EPSS
Exploits0References5
Rows per page
Query Builder