Lucene search
K

1746 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevents stack overflow in mlxbfi2csmbusstartTransaction The memcpy function is called in a loop, without checking the upper bound of 'operation-length', and 'dataidx' is also incremented...

7.8CVSS6.2AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ARM: Tegra – Use I/O memcpy to write to IRAM The Kasan vulnerability causes the kernel to crash when attempting to check boundaries using the normal memcpy...

5.5CVSS6.7AI score0.00148EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validated the box size for the snooped cursor. Invalid user-space DMA surface copies could potentially cause an overflow when copying data from the surface to the snooped image, leading to crashes. To address this...

5.5CVSS6.1AI score0.00149EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in TIF format

A null source pointer passed as an argument to the memcopy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file. For users who compile libtiff from source code, a fix is available in the commit...

5.5CVSS6.6AI score0.0125EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in TIF format

A null source pointer passed as an argument to the memcopy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to a Denial of Service attack through a crafted TIFF file. For users who compile libtiff from source code, this fix is available in the...

5.5CVSS6.5AI score0.0125EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: media: ngene: Fixed a out-of-bounds bug in ngenuecommandconfigfreebuf. Fixed a 11-year-old bug in ngenuecommandconfigfreebuf by addressing the following warnings encountered during compilation with -Warray-bounds:...

7.1CVSS6.3AI score0.00234EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Issues in mpi3mrgetalltgtinfo have been fixed. The function mpi3mrgetalltgtinfo has four issues: 1. It calculates the valid entry length in alltgtinfo assuming that the header part of the struct mpi3mrdevicemapin...

7.8CVSS6AI score0.00141EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in libheif

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call...

7.8CVSS7.5AI score0.00307EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in glibc

There exists an exploitable signed comparison vulnerability in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attack...

8.1CVSS7.2AI score0.05223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in pillow

A issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...

7.5CVSS6.8AI score0.02372EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is an unbounded memcpy operation with a failed length check at nfslookupreply...

9.8CVSS7AI score0.02196EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/12 3:30 a.m.14 views

SUSE CVE-2026-43330

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwi...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References15
CNVD
CNVD
added 2026/05/11 12:0 a.m.8 views

Linux kernel fuse_add_dirent_to_cache function buffer overflow vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer overflow vulnerability exists in the Linux kernel. The vulnerability stems from the fuseadddirenttocache function not checking if the dirent size exceeds PAGESIZE, whi...

7.8CVSS6AI score0.00127EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017692)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017692 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c. Tenable has extracted the...

9.8CVSS6.8AI score0.01997EPSS
Exploits1References4
CVE
CVE
added 2026/05/08 1:31 p.m.20 views

CVE-2026-43330

CVE-2026-43330 relates to the Linux kernel crypto/caam path, where an overflow occurs when a long HMAC key (longer than the block size) is copied for hashing. The vulnerability arises because the copy’s allocated memory is aligned for DMA, and the original kmemdup path could read beyond the key b...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/08 2:35 a.m.11 views

SUSE CVE-2016-8817

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the size input to memcpy, causing a buffer overflow, leading to denial of service o...

7.8CVSS7.3AI score0.004EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/07 7:41 p.m.10 views

kernel: out-of-bound read in memcpy_fromiovecend()

A flaw was found in the Linux kernel that allows the userspace to call memcpyfromiovecend and similar functions with a zero offset and buffer length. This can cause a read beyond the buffer boundaries flaw and, in certain cases, cause a memory access fault and a system halt by accessing invalid...

5.5CVSS6.7AI score0.00427EPSS
Exploits0References4
OSV
OSV
added 2026/05/06 2:44 p.m.5 views

BIT-JAVA-MIN-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in qtdemuxparsetrak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...

7.5CVSS6.8AI score0.01072EPSS
Exploits0References5
OSV
OSV
added 2026/05/04 7:16 a.m.18 views

UBUNTU-CVE-2026-43859

mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...

3.7CVSS5.8AI score0.00162EPSS
Exploits0References2
CVE
CVE
added 2026/05/04 5:41 a.m.36 views

CVE-2026-43859

Mutt vulnerability CVE-2026-43859 affects mutt before 2.3.2, where IMAP auth_cram MD5 digest computation may use strfcpy instead of memcpy. Root cause is choosing the wrong string copy function in the digest pathway. Impact (per CVSS 3.1) is Confidentiality: None, Integrity: Low, Availability: No...

3.7CVSS5.8AI score0.00162EPSS
Exploits0References1
Rows per page
Query Builder