Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 6:44 p.m.11 views

CVE-2026-52957

A flaw was found in the Linux kernel's libceph component. When processing a CEPHMSGOSDMAP message containing a specially crafted CRUSH map, a remote attacker could potentially trigger a null pointer dereference. This issue arises during the decoding of crushchooseargmap if a bucketindex refers to...

7.5CVSS5.8AI score0.0053EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:44 p.m.7 views

CVE-2026-52955

A flaw was found in the libceph component of the Linux kernel. A remote attacker could send a specially crafted CEPHMSGOSDMAP message where two internal fields, alg and b-alg, contain differing bucket algorithm values. This discrepancy can lead to an out-of-bounds memory access during processing ...

9.8CVSS5.8AI score0.00377EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:28 p.m.35 views

CVE-2026-52955

The CVE-2026-52955 vulnerability affects the Linux kernel’s libceph crush_decode(). A CEPH_MSG_OSD_MAP containing a crush map with at least one bucket could have two bucket algorithm fields (alg and b->alg) that differ, leading to potential out-of-bounds access during allocation or destruction...

9.8CVSS5.8AI score0.00377EPSS
Exploits0References11
Snyk
Snyk
added 2026/04/27 10:14 a.m.8 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the JmsBinding.extractBodyFromJms function in camel-jms and it's equivalents in camel-sjms that does not apply any ObjectInputFilter. An attacker can execute arbitrary code by sending a crafted JMS...

9.8CVSS6.2AI score0.00881EPSS
Exploits2References2
EUVD
EUVD
added 2026/04/10 6:31 p.m.13 views

EUVD-2026-21412

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. Th...

6.3CVSS5.8AI score0.00555EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/04/10 6:31 p.m.8 views

Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout

Apache Log4j's JsonTemplateLayout, in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. This may cause downstream log processing systems to reject or fail to ind...

7.5CVSS5.8AI score0.00555EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/04/10 3:43 p.m.2 views

CVE-2026-34481 Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout

Apache Log4j's JsonTemplateLayout https://logging.apache.org/log4j/2.x/manual/json-template-layout.html , in versions up to and including 2.25.3, produces invalid JSON output when log events contain non-finite floating-point values NaN, Infinity, or -Infinity, which are prohibited by RFC 8259. Th...

6.3CVSS6.1AI score0.00555EPSS
Exploits0References9
OSV
OSV
added 2025/07/10 8:15 a.m.5 views

CVE-2025-38341 eth: fbnic: avoid double free when failing to DMA-map FW msg

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnicmbxmapmsg retains the ownership of the message on error. All existing callers dutifully free the page...

7.8CVSS6.2AI score0.00151EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.3 views

SUSE CVE-2020-9430

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msgdlmap.c by validating a length field...

7.5CVSS7.5AI score0.0281EPSS
Exploits1References5
Rows per page
Query Builder