Lucene search
K

30852 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 5:44 p.m.8 views

CVE-2026-53053

A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit AMD driver. The clonealias function incorrectly uses the device ID devid when handling alias devices. This can lead to the propagation of wrong or stale Device Table Entry DTE entries to alias devices, potentially...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 12:22 p.m.4 views

SUSE-SU-2026:2653-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.7AI score0.00118EPSS
Exploits1References3
NVD
NVD
added 2026/06/26 8:16 a.m.7 views

CVE-2026-57880

An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing RTSP Digest authentication fields. A remote attacker may exploit this vulnerability by...

9.8CVSS0.0053EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:17 a.m.7 views

EUVD-2026-39637

An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient length validation when processing remote login data. A remote attacker may exploit this vulnerability by sending craft...

9.8CVSS6.2AI score0.00376EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:17 a.m.8 views

EUVD-2026-39634

An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this...

9.8CVSS6.4AI score0.00531EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:17 a.m.6 views

CVE-2026-57875

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the...

7.5CVSS5.9AI score0.01266EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:17 a.m.6 views

CVE-2026-57873

An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021xupload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of multipart upload headers when processing certificate-related upload fields. A remote attacker may...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/26 7:17 a.m.39 views

CVE-2026-57873 GV-LPC2011/LPC2211 - unauthorized null pointer dereference vulnerability (IEEE8021x_upload.cgi)

An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021xupload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of multipart upload headers when processing certificate-related upload fields. A remote attacker may...

7.5CVSS0.00206EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 1:51 a.m.8 views

Malicious code in wellnpm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cce5614817c010bad6d6bd86146713b627ad235b87d9ccd341bd3d996a80119 [email protected] ships a 24MB ELF binary named launch which is the XMRig Monero miner RandomX, cn/upx2, ghostrider algorithm strings, libuv/OpenSSL...

5.8AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.16 views

PT-2026-52669

Name of the Vulnerable Software and Affected Versions GeoVision GV-LPC2011 versions prior to 1.13 GeoVision GV-LPC2211 versions prior to 1.13 Description An unauthenticated directory traversal issue exists in the 'get fcont.cgi' endpoint. This occurs due to insufficient validation of user-supplie...

7.5CVSS6AI score0.00969EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.13 views

PT-2026-52945

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An off-by-one error exists in the hvc iucv tty driver. The issue occurs when the hvc iucv devices counter equals 8, which is the maximum value defined by MAX HVC IUCV LINES. Due to an...

5.8AI score0.00123EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/25 6:39 p.m.34 views

CVE-2026-4930 DPA Countermeasures weakening on Series 3 devices

SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations AES encryption/decryption and hashing. DPA Countermeasures on SYMCRYPTO can be weakened reduced entropy by forcing certain seed values if an attacker gains code...

7.1CVSS0.00101EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.4 views

CVE-2026-52968

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine subsystem, specifically affecting s390 PCI devices. This vulnerability arises from incorrect pointer arithmetic during the indexing of the Guest Access Instruction Table GAIT, leading to out-of-bounds memory access. A local...

6.4CVSS5.8AI score0.0018EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 2:16 p.m.5 views

CVE-2026-47151

In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is limited. These messages must come from a device that has already joined the network. Only devices supporting the Door Lock...

7.1CVSS0.00217EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 2:16 p.m.4 views

CVE-2026-47145

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 2:16 p.m.5 views

CVE-2026-47147

In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds reads. A limited amount of data from RAM is read back to the requester. The size and location of this data is limited. These requests must come from a device that has already joined the...

7.1CVSS0.00231EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 2:16 p.m.4 views

CVE-2026-47146

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted...

7.1CVSS0.00249EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 1:42 p.m.22 views

CVE-2026-47153

CVE-2026-47153 affects the EmberZNet stack (v9.0.2 and earlier) where a malformed Level Control Step command can terminate the process via a divide-by-zero fault. The issue requires the sender to be a device that has already joined the network and impacts devices that support the Level Control cl...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/25 1:41 p.m.5 views

EUVD-2026-39407

In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 1:39 p.m.4 views

EUVD-2026-39405

In EmberZNet v9.0.2 and earlier, malformed IAS Zone enrollment messages can trigger an out-of-bounds state-table write and terminate the process. The size and location of this write is limited. These messages must come from a device that has already joined the network. Only devices supporting the...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References2
Rows per page
Query Builder