Lucene search
K

740 matches found

NVD
NVD
added 2026/05/01 3:16 p.m.6 views

CVE-2026-43037

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: clear skb2-cb in ip4ip6err Oskar Kjos reported the following problem. ip4ip6err calls icmpsend on a cloned skb whose cb was written by the IPv6 receive path as struct inet6skbparm. icmpsend passes IPCBskb2 to...

9.8CVSS0.00563EPSS
Exploits0References43
NVD
NVD
added 2026/05/01 3:16 p.m.8 views

CVE-2026-31748

In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...

7.8CVSS0.00129EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.30 views

CVE-2026-31748 comedi: me_daq: Fix potential overrun of firmware buffer

In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...

0.00129EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.34 views

CVE-2026-31747 comedi: me4000: Fix potential overrun of firmware buffer

In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...

0.00129EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/05/01 8:47 a.m.3 views

CVE-2026-35547

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

8.1CVSS5.8AI score0.00316EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.15 views

PT-2026-36382

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overrun can occur in the me4000 xilinx download function when loading firmware requested by request firmware. The function reads a data stream length from the first 4 bytes into...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References18
OSV
OSV
added 2026/04/29 12:0 p.m.4 views

RUSTSEC-2026-0189 DNS rebinding vulnerability in rmcp Streamable HTTP server transport

Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to send requests to an MCP server running on the victim's loopback or private-network interface. An attacker wh...

8.8CVSS5.8AI score0.00213EPSS
Exploits0References7
OSV
OSV
added 2026/04/29 7:10 a.m.8 views

CLSA-2026-1777446601 Fix CVE(s): CVE-2020-13935

SECURITY UPDATE: denial of service via crafted WebSocket frame with a 64-bit payload length whose most significant bit is set. The extended payload length read in WsFrameBase.processRemainingHeader was assembled into a Java long without validation. With bit 63 set the value became negative, which...

7.5CVSS6.8AI score0.87553EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/04/27 1:54 a.m.8 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

9.1CVSS7.5AI score0.01557EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/04/26 1:52 a.m.10 views

SUSE CVE-2026-31684

In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...

6.5CVSS5.5AI score0.00117EPSS
Exploits0References19
CVE
CVE
added 2026/04/25 8:47 a.m.26 views

CVE-2026-31684

The CVE-2026-31684 issue is in the Linux kernel’s net/sched pathology (act_csum) where tcf_csum_act() reads nested VLAN headers directly from skb->data if the payload contains VLAN tags, and may read VLAN_HLEN bytes before guaranteeing the full header is present. The root cause is that the cod...

5.5CVSS5.5AI score0.00117EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/04/25 8:47 a.m.5 views

EUVD-2026-25651

In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...

5.5AI score0.00117EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.7 views

PT-2026-35144

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the tcf csum act function where nested VLAN headers are processed directly from skb-data when a socket buffer still contains in-payload VLAN tags. The system reads vlan-...

5.5CVSS5.9AI score0.00117EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/25 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the validation conditions for the MAC header in ip6teui64. This vulnerability may all...

9.4CVSS5.8AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 2:31 a.m.4 views

EUVD-2026-25384

Open Source Social Network OSSN is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An attacker can upload a specially crafted image with extreme pixel dimensions e.g., $10000 \times 10000$ pixels. While the compressed file size...

8.2CVSS5.7AI score0.00369EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/23 12:0 a.m.7 views

Security update for ignition (important)

openSUSE security update: security update for ignition ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20603-1 Rating: important References: bsc1260251 Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1...

8.6CVSS7AI score0.01557EPSS
Exploits1References1
CVE
CVE
added 2026/04/22 1:54 p.m.19 views

CVE-2026-31472

CVE-2026-31472 concerns the Linux kernel, specifically the xfrm/ IPTFS path. A crafted ESP packet with an inner IPv4 header can cause an infinite loop in __input_process_payload() if the inner header has tot_len=0 or malformed ihl. The fix adds validation to reject inner packets where tot_len &lt...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/21 9:16 p.m.6 views

CVE-2026-40925

WWBN AVideo is an open source video platform. In versions 29.0 and prior, objects/configurationUpdate.json.php also routed via /updateConfig persists dozens of global site settings from $POST but protects the endpoint only with User::isAdmin. It does not call forbidIfIsUntrustedRequest, does not...

8.3CVSS0.00173EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011249)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011249 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from...

6.5AI score0.00319EPSS
Exploits0References4
OSV
OSV
added 2026/04/16 10:27 a.m.7 views

SUSE-SU-2026:1395-1 Security update for azure-storage-azcopy

This update for azure-storage-azcopy fixes the following issues: - CVE-2026-33186: Authorization bypass in grpc-go due to improper validation of the HTTP/2 :path pseudo-header bsc1260307...

9.1CVSS5.8AI score0.01557EPSS
Exploits1References3
Rows per page
Query Builder