Lucene search
K

64 matches found

Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.7 views

PT-2026-53090

Name of the Vulnerable Software and Affected Versions Nmap versions 7.0.0 through 7.99 Description An issue exists in the ipv6 get data primitive function libnetutil/netutil.cc where the IPv6 extension-header walk is not kept within the captured packet. This causes the pointer to advance past the...

6.9CVSS6.6AI score0.00278EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50877

Name of the Vulnerable Software and Affected Versions Microsoft HEIF Image Extensions version 1.2.22.0 Description An out-of-bounds read occurs because the CHEIFItemInfoEntry GetDataSize function can return a success status while leaving the reported data size at 0. This leads a caller to perform...

9.1CVSS6AI score0.00823EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.11 views

SUSE CVE-2026-45922

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-45922

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...

5.5CVSS0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.9 views

CVE-2026-45922

RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler...

5.8AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in binutils

A memory consumption issue in the getdata function in binutils/nm.c in GNU nm before version 2.34 allows attackers to cause a denial of service through crafted commands...

5.5CVSS5AI score0.00275EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.5 views

SUSE SLES15: libpython2_7-1_0 / python / python-base / python-curses / etc (SUSE-SU-2026:1365-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1365-1 advisory. - CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989. Tenable has extracted the preceding...

5.8AI score0.00238EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/15 2:30 p.m.5 views

Security update for python

This update for python fixes the following issues: CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

3.3CVSS5.8AI score0.00238EPSS
Exploits0References4
OSV
OSV
added 2026/04/15 2:30 p.m.4 views

SUSE-SU-2026:1365-1 Security update for python

This update for python fixes the following issues: - CVE-2026-3479: improper resource argument validation in pkgutil.getdata can allow path traversal bsc1259989...

5.8AI score0.00238EPSS
Exploits0References3
OSV
OSV
added 2026/04/13 9:41 a.m.3 views

OPENSUSE-SU-2026:20517-1 Security update for python313

This update for python313 fixes the following issues: Update to version 3.13.13. - CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. - CVE-2026-2297: incorrectly handled hook in FileLoader can...

7.5CVSS5.8AI score0.00621EPSS
Exploits0References14
OSV
OSV
added 2026/04/11 2:5 p.m.8 views

OESA-2026-1902 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

7.5CVSS5.7AI score0.00621EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/02 6:15 p.m.4 views

CVE-2026-5417

A vulnerability was determined in Dataease SQLbot up to 1.6.0. This issue affects the function getesdatabyhttp of the file backend/apps/db/esengine.py of the component Elasticsearch Handler. This manipulation of the argument address causes server-side request forgery. The attack may be initiated...

5.8CVSS5.5AI score0.00218EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/23 9:44 a.m.4 views

OPENSUSE-SU-2026:20410-1 Security update for exiv2

This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...

9.8CVSS6.1AI score0.00816EPSS
Exploits3References18
SUSE CVE
SUSE CVE
added 2026/03/22 12:26 a.m.11 views

SUSE CVE-2026-3479

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...

3.3CVSS5.7AI score0.00238EPSS
Exploits0References17
OSV
OSV
added 2026/03/20 9:21 a.m.5 views

BIT-PYTHON-2026-3479 pkgutil.get_data() does not enforce documented restrictions

pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...

5.8AI score0.00238EPSS
Exploits0References5
OSV
OSV
added 2026/03/20 9:20 a.m.9 views

BIT-PYTHON-MIN-2026-3479 pkgutil.get_data() does not enforce documented restrictions

pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...

5.8AI score0.00238EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-3479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has be...

5.8AI score0.00238EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/18 9:32 p.m.5 views

EUVD-2026-12940

pkgutil.getdata did not validate the resource argument as documented, allowing path traversals...

2.1CVSS5.8AI score0.00238EPSS
Exploits0References4
OSV
OSV
added 2026/03/18 7:16 p.m.3 views

DEBIAN-CVE-2026-3479

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...

4.6AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2026/03/18 6:13 p.m.11 views

PSF-2026-13

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.getdata did...

5.7AI score0.00238EPSS
Exploits0References7
Rows per page
Query Builder