CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

516 matches found

Positive Technologies•added 2026/01/05 12:0 a.m.•2 views

PT-2026-1241

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw exists in the handling of DSP events within the ALSA firewire-motu module. A missing bounds check in a put user loop could allow overwriting beyond the user buffer boundary when t...

4.6CVSS6.7AI score0.00161EPSS

Exploits0

Tenable Nessus•added 2026/01/05 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-68753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: firewire-motu: add bounds check in putuser loop for DSP events In the DSP event handling code, a putuser loop copies event data. When the user buffer size...

5.6AI score0.00161EPSS

Exploits0References3

RedhatCVE•added 2025/12/25 3:54 p.m.•3 views

CVE-2025-68347

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...

5.5CVSS6.4AI score0.00195EPSS

Exploits0References4

Microsoft CVE•added 2025/12/25 9:4 a.m.•1 views

ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

...

5.5CVSS5.4AI score0.00195EPSS

Exploits0

SUSE CVE•added 2025/12/25 12:56 a.m.•5 views

SUSE CVE-2023-54084

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...

6.6CVSS6.7AI score0.0018EPSS

Exploits0References8

SUSE CVE•added 2025/12/25 12:24 a.m.•2 views

SUSE CVE-2025-68346

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

5.5CVSS6.9AI score0.00196EPSS

Exploits0References21

SUSE CVE•added 2025/12/25 12:24 a.m.•1 views

SUSE CVE-2025-68347

6.1CVSS7AI score0.00195EPSS

Exploits0References22

Tenable Nessus•added 2025/12/25 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-54084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstrea...

6.2AI score0.0018EPSS

Exploits0References3

EUVD•added 2025/12/24 3:30 p.m.•6 views

EUVD-2023-60361

6.2AI score0.0018EPSS

Exploits0References7

NVD•added 2025/12/24 1:16 p.m.•11 views

CVE-2023-54084

0.0018EPSS

Exploits0References6

UbuntuCve•added 2025/12/24 1:16 p.m.•5 views

CVE-2023-54084

5.9AI score0.0018EPSS

Exploits0References7

OSV•added 2025/12/24 1:16 p.m.•3 views

UBUNTU-CVE-2023-54084

5.7AI score0.0018EPSS

Exploits0References8

CVE•added 2025/12/24 1:6 p.m.•8 views

CVE-2023-54084

CVE-2023-54084 concerns the Linux kernel where ALSA: firewire-digi00x could suffer a use-after-free. The issue occurs when init_stream() fails: instead of returning an error, the code frees dg00x->rx_stream and returns success, potentially leading to a use-after-free. The Connected documents p...

6.3AI score0.0018EPSS

Exploits0References6