Lucene search
K

5063 matches found

RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.8 views

CVE-2026-23679

A flaw was found in libusb. An attacker can provide a specially crafted Universal Serial Bus USB configuration descriptor to applications using libusb. This malformed descriptor can lead to a null pointer dereference, causing the application to crash and resulting in a denial of service. This...

6.9CVSS5.1AI score0.00184EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.11 views

CVE-2026-45251

A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed while the thread remains blocked. In this situation, t...

7.8CVSS5.4AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.12 views

CVE-2026-39959

Tmds.DBus provides .NET libraries for working with D-Bus from .NET. Tmds.DBus and Tmds.DBus.Protocol are vulnerable to malicious D-Bus peers. A peer on the same bus can spoof signals by impersonating the owner of a well-known name, exhaust system resources or cause file descriptor spillover by...

7.1CVSS5.5AI score0.00124EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 4:16 p.m.27 views

ALPINE-CVE-2026-48102

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

4.3CVSS5.3AI score0.00189EPSS
Exploits1References1
CVE
CVE
added 2026/06/05 3:48 p.m.30 views

CVE-2026-48103

7-Zip versions 9.34–26.00 contain an off-by-one heap out-of-bounds read in the WIM archive handler (WIM security descriptor lookup). In WimHandler.GetSecurity, the per-image SecurOffsets table holds numEntries+1 offsets, and securityId == numEntries is allowed, causing reads at SecurOffsets[secur...

7.1CVSS5.5AI score0.00225EPSS
Exploits1References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/05 3:48 p.m.6 views

CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

7.1CVSS5.3AI score0.00225EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/05 3:48 p.m.12 views

CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

4.3CVSS5.4AI score0.00225EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/05 3:48 p.m.41 views

CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

4.3CVSS0.00225EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 3:48 p.m.6 views

CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

4.3CVSS5.5AI score0.00225EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/05 3:19 p.m.12 views

CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

3.1CVSS5.6AI score0.00189EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/05 3:19 p.m.60 views

CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

3.1CVSS0.00189EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-45287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1...

5.5CVSS5.9AI score0.00168EPSS
Exploits1References4
OSV
OSV
added 2026/06/04 4:16 p.m.9 views

DEBIAN-CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

5.5CVSS5.5AI score0.00168EPSS
Exploits1References1
NVD
NVD
added 2026/06/04 4:16 p.m.17 views

CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

5.5CVSS0.00168EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/06/04 2:45 p.m.7 views

CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

5.5CVSS5.4AI score0.00168EPSS
Exploits1
Cvelist
Cvelist
added 2026/06/04 2:45 p.m.38 views

CVE-2026-45287 OpenTelemetry-Go's Schema ParseFile leaks file descriptors on each parse

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

2.1CVSS0.00168EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/04 2:45 p.m.7 views

CVE-2026-45287 OpenTelemetry-Go's Schema ParseFile leaks file descriptors on each parse

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

2.1CVSS5.4AI score0.00168EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/04 2:45 p.m.12 views

EUVD-2026-34291

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

2.1CVSS5.8AI score0.00168EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/04 2:45 p.m.8 views

CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

2.1CVSS5.8AI score0.00168EPSS
Exploits1References4Affected Software2
CVE
CVE
added 2026/06/04 2:45 p.m.34 views

CVE-2026-45287

OpenTelemetry-Go (Go implementation) prior to version 0.0.17 leaks one file descriptor per successful ParseFile call when parsing go.opentelemetry.io/otel/schema/v1.0 and v1.1. In long-running processes, repeated schema parsing without proper file closure can exhaust the process file descriptor l...

5.5CVSS5.8AI score0.00168EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder