Lucene search
+L

19 matches found

redhatcve
redhatcve
added 2026/06/05 7:37 p.m.17 views

CVE-2026-47741

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's totaluse counter. Under concurrent checkout pressure Black Friday, flash sale, viral coupon, the global usagelimit was...

5.9CVSS5.5AI score0.00239EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/08 3:9 p.m.7 views

CVE-2026-44498

ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...

9.2CVSS5.7AI score0.00283EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/04/24 3:16 p.m.5 views

DEBIAN-CVE-2026-31623

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...

5.5CVSS5.2AI score0.00125EPSS
Exploits0References1
nessus
nessus
added 2026/04/17 12:0 a.m.10 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007238)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007238 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: reject configurations that cause integer overflow Reject bogus configs where...

5.5CVSS6.1AI score0.00241EPSS
Exploits0References3
redhat
redhat
added 2025/09/08 12:6 p.m.5 views

kernel: udmabuf: fix a buf size overflow issue during udmabuf creation

A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...

7.8CVSS7.3AI score0.00185EPSS
Exploits0References5
redhat
redhat
added 2025/07/23 12:28 a.m.12 views

kernel: udmabuf: fix a buf size overflow issue during udmabuf creation

A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...

7.8CVSS7.3AI score0.00185EPSS
Exploits0References5
osv
osv
added 2025/05/01 2:15 p.m.1 views

DEBIAN-CVE-2025-37769

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm/smu11: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE. cherry picked from...

5.5CVSS5.5AI score0.00166EPSS
Exploits0References1
nessus
nessus
added 2024/07/23 12:0 a.m.46 views

SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2024:2590-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2590-1 advisory. Updated to version 11.0.24+8 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overflow bsc1228046. - CVE-2024-21138:...

7.4CVSS6.8AI score0.01257EPSS
Exploits0References20
osv
osv
added 2024/07/22 12:13 p.m.28 views

SUSE-SU-2024:2590-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Updated to version 11.0.24+8 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overflow bsc1228046. - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length bsc1228047. - CVE-2024-21140: Fixed a pre-loop limit...

7.4CVSS6.7AI score0.01257EPSS
Exploits0References14
osv
osv
added 2024/07/22 10:36 a.m.42 views

SUSE-SU-2024:2578-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Updated to version 21.0.4+7 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overflow bsc1228046. - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length bsc1228047. - CVE-2024-21140: Fixed a pre-loop limit...

7.4CVSS6.7AI score0.01257EPSS
Exploits0References12
redhat
redhat
added 2024/05/23 10:45 p.m.4 views

jetty: hpack header values cause denial of service in http/2

A flaw was found in Jetty http2-hpack and http3-qpack. If header values exceed the size limit and Huffman is the trueMetaDataBuilder.checkSize, the multiplication will overflow, and the length will become negative, causing a large buffer allocation on the server, leading to a Denial of Service Do...

7.5CVSS7.3AI score0.03754EPSS
Exploits1References9
redhat
redhat
added 2023/11/14 3:46 p.m.5 views

kernel: Rate limit overflow messages in r8152 in intr_callback

A vulnerability was found in intrcallback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely...

5.3CVSS6.2AI score0.02211EPSS
Exploits0References5
redhat
redhat
added 2023/11/07 9:3 a.m.6 views

kernel: Rate limit overflow messages in r8152 in intr_callback

A vulnerability was found in intrcallback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely...

5.3CVSS6.2AI score0.02211EPSS
Exploits0References5
oraclelinux
oraclelinux
added 2023/01/03 12:0 a.m.58 views

Unbreakable Enterprise kernel security update

4.1.12-124.70.2 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882781 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34882781 CVE-2022-4378 - netfilter: nfconntrackirc: Fix forged IP logic David Leadbeater Orabu...

7.8CVSS7.3AI score0.02211EPSS
Exploits1
nvd
nvd
added 2022/07/15 8:15 p.m.23 views

CVE-2022-30634

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 32 - 1 bytes...

7.5CVSS0.02057EPSS
Exploits1References5
nessus
nessus
added 2021/12/06 12:0 a.m.32 views

Debian DSA-5017-1 : xen - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5017 advisory. Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. For the...

8.8CVSS7.7AI score0.0206EPSS
Exploits0References17
nessus
nessus
added 2021/12/04 12:0 a.m.40 views

SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2021:3888-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3888-1 advisory. - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly XSA-386 bsc1191363. - CVE-2021-28704, CVE-2021-28707,...

8.8CVSS7AI score0.0206EPSS
Exploits0References20
nvd
nvd
added 2021/11/24 1:15 a.m.11 views

CVE-2021-28706

guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may...

8.6CVSS0.0206EPSS
Exploits0References5
securityvulns
securityvulns
added 2014/06/26 12:0 a.m.55 views

Re: [oss-security] CVE Request: Linux kernel ALSA core control API vulnerabilities

Hi, The mail that was send by Lars-Peter to the ALSA developers. Takashi Tiwai gave approval to forward it here. Ciao, Marcus ------------------------------------------------------------------- Subject: PATCH 0/5 Use-after-free and out-of-bounds acccess vulnerabilities in the ALSA control code...

7.7AI score
Exploits0
Rows per page
Query Builder