19 matches found
CVE-2026-47741
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's totaluse counter. Under concurrent checkout pressure Black Friday, flash sale, viral coupon, the global usagelimit was...
CVE-2026-44498
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block...
DEBIAN-CVE-2026-31623
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007238)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007238 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: reject configurations that cause integer overflow Reject bogus configs where...
kernel: udmabuf: fix a buf size overflow issue during udmabuf creation
A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...
kernel: udmabuf: fix a buf size overflow issue during udmabuf creation
A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...
DEBIAN-CVE-2025-37769
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm/smu11: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE. cherry picked from...
SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2024:2590-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2590-1 advisory. Updated to version 11.0.24+8 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overflow bsc1228046. - CVE-2024-21138:...
SUSE-SU-2024:2590-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Updated to version 11.0.24+8 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overflow bsc1228046. - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length bsc1228047. - CVE-2024-21140: Fixed a pre-loop limit...
SUSE-SU-2024:2578-1 Security update for java-21-openjdk
This update for java-21-openjdk fixes the following issues: Updated to version 21.0.4+7 July 2024 CPU: - CVE-2024-21131: Fixed a potential UTF8 size overflow bsc1228046. - CVE-2024-21138: Fixed an infinite loop due to excessive symbol length bsc1228047. - CVE-2024-21140: Fixed a pre-loop limit...
jetty: hpack header values cause denial of service in http/2
A flaw was found in Jetty http2-hpack and http3-qpack. If header values exceed the size limit and Huffman is the trueMetaDataBuilder.checkSize, the multiplication will overflow, and the length will become negative, causing a large buffer allocation on the server, leading to a Denial of Service Do...
kernel: Rate limit overflow messages in r8152 in intr_callback
A vulnerability was found in intrcallback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely...
kernel: Rate limit overflow messages in r8152 in intr_callback
A vulnerability was found in intrcallback in drivers/net/usb/r8152.c in the BPF component in the Linux Kernel. The manipulation leads to logging excessive data, where an attack can be launched remotely...
Unbreakable Enterprise kernel security update
4.1.12-124.70.2 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34882781 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34882781 CVE-2022-4378 - netfilter: nfconntrackirc: Fix forged IP logic David Leadbeater Orabu...
CVE-2022-30634
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 32 - 1 bytes...
Debian DSA-5017-1 : xen - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5017 advisory. Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. For the...
SUSE SLED15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2021:3888-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3888-1 advisory. - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly XSA-386 bsc1191363. - CVE-2021-28704, CVE-2021-28707,...
CVE-2021-28706
guests may exceed their designated memory limit When a guest is permitted to have close to 16TiB of memory, it may be able to issue hypercalls to increase its memory allocation beyond the administrator established limit. This is a result of a calculation done with 32-bit precision, which may...
Re: [oss-security] CVE Request: Linux kernel ALSA core control API vulnerabilities
Hi, The mail that was send by Lars-Peter to the ALSA developers. Takashi Tiwai gave approval to forward it here. Ciao, Marcus ------------------------------------------------------------------- Subject: PATCH 0/5 Use-after-free and out-of-bounds acccess vulnerabilities in the ALSA control code...