Lucene search
+L

478 matches found

NVD
NVD
added 2 days ago9 views

CVE-2026-56455

HCL DFXAnalytics is affected by a Buffer Overflow vulnerability that can lead to a Denial of Service DoS. The application fails to properly validate input sizes, allowing an attacker to pass an excessive amount of information into a memory container, which can cause the system to crash or become...

7.5CVSS0.00241EPSS
Exploits0References1
CVE
CVE
added 2 days ago10 views

CVE-2026-56455

HCL DFXAnalytics is affected by a Buffer Overflow vulnerability caused by improper input size validation. An attacker can send oversized data to a memory container, potentially crashing or rendering the system unresponsive (DoS). The documents indicate mitigation as implementing comprehensive inp...

7.5CVSS6.1AI score0.00241EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-44923

HCL DFXAnalytics is affected by a Buffer Overflow vulnerability that can lead to a Denial of Service DoS. The application fails to properly validate input sizes, allowing an attacker to pass an excessive amount of information into a memory container, which can cause the system to crash or become...

5.3CVSS6.1AI score0.00241EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-60047

Impact read character string and read string in src/zeroconf/ protocol/incoming.py sliced self.dataself.offset : self.offset + length and advanced self.offset by the declared length without checking it against self. data len. Python's slice silently returns fewer bytes when the end index runs pas...

6.5CVSS6.1AI score
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/08 2:32 p.m.4 views

openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

6.8CVSS6.1AI score0.0016EPSS
Exploits1References6
OSV
OSV
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2833 python-zeroconf security update

Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Security Fixes: readcharacterstring and readstring in src/zeroconf/protocol/incoming.py sliced self.dataself.offset : self.offset + length and advanced self.offset by the declared length without checking it against...

5.3CVSS6AI score
Exploits0References2
NVD
NVD
added 2026/07/02 4:17 a.m.8 views

CVE-2026-57278

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS0.0028EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl818x: rtl8187: A potential buffer underflow has been fixed in rtl8187rxcb. The rtl8187rxcb function calculates the RX descriptor header address by subtracting its size from the skbtailptr. However, it does not validate...

6.2AI score0.00177EPSS
Exploits0References3
Redos
Redos
added 2026/06/23 12:0 a.m.10 views

ROS-20260623-73-0004

The vulnerability of the JPEG Parser component in the Gstreamer multimedia framework is related to the lack of proper checks on the data length. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS6.2AI score0.00787EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/22 11:58 p.m.6 views

CVE-2026-10658

btisorecv in subsys/bluetooth/host/iso.c pulled the ISO SDU header 4 bytes or, when the timestamp flag is set, the timestamped SDU header 8 bytes from the inbound HCI ISO Data buffer via netbufpullmem without first checking buf-len. The upstream hciiso handler enforces buf-len == the...

7.1CVSS6.2AI score0.00173EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/18 3:54 p.m.4 views

SUSE-SU-2026:2457-1 Security update for frr

This update for frr fixes the following issue: - CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. - CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths bsc1263859. - CVE-2026-37457: Fix off-by-one error in FlowSpec operator array bounds...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References9
CVE
CVE
added 2026/06/09 4:3 p.m.298 views

CVE-2026-34182

CVE-2026-34182 describes a vulnerability in CMS AuthEnvelopedData processing in OpenSSL where insufficient input validation on cipher and tag length can allow forged or manipulated messages. Attack scenarios include selecting non-AEAD ciphers (e.g., AES-256-OFB) that bypasses integrity checks and...

9.1CVSS5.5AI score0.00237EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.12 views

CVE-2026-6967

Missing expiration, hash, and length enforcement in delegated metadata validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users with delegated signing authority to bypass TUF specification integrity checks for delegated targets metadata and poison the local metadata cach...

7.1CVSS5.5AI score0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 3:31 p.m.4 views

EUVD-2025-26475

A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...

3.7CVSS5.8AI score0.0037EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/30 7:15 a.m.12 views

CVE-2026-5071

The SocketCAN implementation validates the length of a user-provided buffer containing a socketcanframe object using only a NETASSERT statement in zcansendtoctx before dereferencing it in socketcantocanframe. In production builds where assertions are disabled, a userspace application that control...

6.1CVSS5.9AI score0.00167EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46186

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe...

5.5CVSS6.2AI score0.00123EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/28 5:4 p.m.13 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the Parse function. An attacker can exhaust CPU resources and generate excessive log output by sending oversized or malformed headers that are processed without length checks. Remediation...

6.9CVSS5.8AI score0.00237EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with the WMT event length verification in the btmtk module. This vulnerability may lead ...

5.8AI score0.00131EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-46039

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgkextracttoken when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...

9.8CVSS5.7AI score0.00442EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from integer overflows in the length checks within the rxgkextracttoken function. This vulnerability...

9.8CVSS5.8AI score0.00442EPSS
Exploits0References3
Rows per page
Query Builder