673 matches found

RedhatCVE
added 6 days ago | 8 views

CVE-2026-53923

A flaw was found in vLLM. Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels leads to partial tensor processing. This results in the output tensor retaining previously used GPU memory, which, in multi-tenant inference deployments, can expose sensitive tensor data from other...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00281
Exploits: 0 | References: 6
Cvelist
added 2026/06/25 8:13 p.m. | 20 views

CVE-2026-6679 DTLS 1.3 ACK serialization heap buffer overflow via integer truncation

A heap buffer overflow could occur in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The buffer overflow was due to an integer truncation when computing the length of the ACK record-number list, causing an undersized buffer to be allocated and then overrun. This...

CVSS: 8.8 | EPSS: 0.00385
Exploits: 0 | References: 2
CVE
added 2026/06/25 8:13 p.m. | 12 views

CVE-2026-6679

CVE-2026-6679 describes a heap buffer overflow in the DTLS 1.3 ACK serialization path that occurs before the peer is authenticated. The root cause is an integer truncation when computing the length of the ACK record-number list, which leads to an undersized buffer and an overrun. Impact is on wol...

CVSS: 8.8 | AI score: 6.1 | EPSS: 0.00385
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/06/25 12:0 a.m. | 12 views

PT-2026-52587

Name of the Vulnerable Software and Affected Versions: wolfSSL versions prior to 5.9.1. Description: A heap buffer overflow occurs in the DTLS 1.3 ACK serialization path before the connecting peer is authenticated. The issue stems from an integer truncation when calculating the length of the ACK...

CVSS: 8.8 | AI score: 6 | EPSS: 0.00385
Exploits: 0 | References: 8
AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in openjdk-11, bcel

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.17673
Exploits: 2 | References: 1
Github Security Blog
added 2026/06/17 2:3 p.m. | 13 views

vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving

Summary: Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf/ggufkernel.cu) causes partial tensor processing. The output tensor is allocated at full size via torch::empty (uninitialized memory), but the dequantize CUDA kernel processes only a truncated...

CVSS: 7.5 | AI score: 5.6 | EPSS: 0.00281
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/06/17 2:3 p.m. | 5 views

GHSA-5JV2-G5WQ-CMR4 vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving

Summary: Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf/ggufkernel.cu) causes partial tensor processing. The output tensor is allocated at full size via torch::empty (uninitialized memory), but the dequantize CUDA kernel processes only a truncated...

CVSS: 5.3 | AI score: 5.7 | EPSS: 0.00281
Exploits: 0 | References: 4
Positive Technologies
added 2026/06/17 12:0 a.m. | 18 views

PT-2026-50472

Name of the Vulnerable Software and Affected Versions: vLLM versions 0.5.5 through 0.23.1rc0. Description: Integer truncation of tensor dimensions in GGUF dequantize kernels within csrc/quantization/gguf/gguf kernel.cu leads to partial tensor processing. The output tensor is allocated at full size...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00281
Exploits: 0 | References: 10
OSV
added 2026/06/12 3:7 p.m. | 7 views

GHSA-R3RC-9HPW-54V9 SwiftNIO: Out-of-bounds write via ByteBuffer index and length UInt32 overflow

Summary: A program using swift-nio is vulnerable to a potential out-of-bounds write when attacker-controlled index or length values exceeding UInt32.max are passed to some ByteBuffer methods. This affects all swift-nio versions from 1.0.0 to 2.99.0. It is fixed in 2.100.0 and later releases. Detai...

CVSS: 8.3 | AI score: 6 | EPSS: 0.00042
Exploits: 0 | References: 2
RedhatCVE
added 2026/06/10 1:26 p.m. | 8 views

CVE-2026-34180

A flaw was found in OpenSSL. An integer truncation vulnerability in the ASN.1 decoder can occur when processing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes. A remote attacker could exploit this to cause a heap buffer over-read. This may lead to an...

CVSS: 7.5 | AI score: 5.2 | EPSS: 0.00513
Exploits: 0 | References: 3
CNNVD
added 2026/06/09 12:0 a.m. | 11 views

OpenSSL buffer error vulnerability

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00513
Exploits: 0 | References: 6
Tenable Nessus
added 2026/06/06 12:0 a.m. | 8 views

EulerOS Virtualization 2.10.1 : libpng (EulerOS-SA-2026-2025)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with...

CVSS: 8.3 | AI score: 5.8 | EPSS: 0.00955
Exploits: 8 | References: 6
RedhatCVE
added 2026/06/05 7:44 p.m. | 9 views

CVE-2026-44927

A flaw was found in uriparser. This vulnerability involves pointer difference truncation, where calculations involving memory addresses are incorrectly shortened. This could lead to minor data integrity issues within the application. Exploitation of this flaw requires local access to the system a...

CVSS: 5.3 | AI score: 4.8 | EPSS: 0.00211
Exploits: 0 | References: 4
ATTACKERKB
added 2026/05/26 12:0 a.m. | 7 views

CVE-2026-48691

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

AI score: 6.2 | EPSS: 0.00308
Exploits: 0 | References: 4
Cvelist
added 2026/05/19 9:55 p.m. | 31 views

CVE-2023-7345 Ledger Live hw-app-eth EIP-712 Message Parsing Integer Truncation

Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...

CVSS: 6.9 | EPSS: 0.00263
Exploits: 0 | References: 2
OSV
added 2026/05/18 4:22 p.m. | 5 views

GHSA-MC57-H6J3-3HMV iskorotkov/avro: Integer Overflow in Decoder

Integer Overflow in Avro Decoder. Summary: Several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets GOARCH=386, arm, mips,...

CVSS: 8.2 | AI score: 5.9 | EPSS: 0.00397
Exploits: 0 | References: 3
EUVD
added 2026/05/08 9:31 a.m. | 17 views

EUVD-2026-28536

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

CVSS: 2.9 | AI score: 5.8 | EPSS: 0.00211
Exploits: 0 | References: 2
OSV
added 2026/05/08 8:16 a.m. | 4 views

UBUNTU-CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00211
Exploits: 0 | References: 3
Vulnrichment
added 2026/05/08 7:13 a.m. | 10 views

CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

CVSS: 2.9 | AI score: 5.8 | EPSS: 0.00211
Exploits: 0 | References: 1
Cvelist
added 2026/05/08 7:13 a.m. | 53 views

CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

CVSS: 2.9 | EPSS: 0.00211
Exploits: 0 | References: 1