Lucene search
+L

768 matches found

AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfs: Handling of failures in nfsgetlockcontext during unlock path When memory is insufficient, the allocation of nfslockcontext in nfsgetlockcontext fails and returns -ENOMEM. If we mistakenly treat an nfs4unlockdata structure...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.8 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Added a NULL check in imxcardprobe The devmkasprintf function returns NULL when memory allocation fails. Currently, imxcardprobe does not check for this case, which results in a NULL pointer being dereferenced. A...

5.5CVSS6.3AI score0.00189EPSS
Exploits0References3
OSV
OSV
added 2026/01/23 12:23 p.m.5 views

OESA-2026-1204 harfbuzz security update

HarfBuzz is a text-shaping engine. If you give HarfBuzz a font and a string containing a sequence of Unicode codepoints, HarfBuzz selects and positions the corresponding glyphs from the font, applying all of the necessary layout rules and font features. HarfBuzz then returns the string to you in...

5.3CVSS5.6AI score0.00377EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38160)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38160 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Add NULL check in...

5.5CVSS5.3AI score0.00147EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38145)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38145 advisory. - In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in...

5.5CVSS5.3AI score0.0017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38214)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38214 advisory. - In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fbsetvar to prevent null-...

5.5CVSS5.3AI score0.00153EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/20 1:15 a.m.4 views

CVE-2026-22770

ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initialized. This will...

9.8CVSS5.8AI score0.00336EPSS
Exploits0References3
OSV
OSV
added 2026/01/20 1:15 a.m.5 views

UBUNTU-CVE-2026-22770

ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initialized. This will...

9.8CVSS5.8AI score0.00336EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/20 12:48 a.m.2 views

CVE-2026-22770

ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initialized. This will...

9.8CVSS5.4AI score0.00336EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/01/20 12:48 a.m.43 views

CVE-2026-22770

CVE-2026-22770 affects ImageMagick: in BilateralBlurImage, the last element of a double-buffer set isn’t properly initialized inside AcquireBilateralTLS, leading to an invalid pointer being freed in DestroyBilateralTLS when memory allocation fails. The issue is fixed in version 7.1.2-13. Connecte...

9.8CVSS5.5AI score0.00336EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/01/20 12:48 a.m.4 views

CVE-2026-22770

ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initialized. This will...

9.8CVSS5.5AI score0.00336EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.16 views

MiracleLinux 8 : glibc-2.28-251.el8.2 (AXSA:2024-8156:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8156:07 advisory. glibc: Out of bounds write in iconv may lead to remote code execution CVE-2024-2961 The glibc packages provide the standard C libraries libc, POSIX...

8.1CVSS8.5AI score0.8833EPSS
Exploits16References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.12 views

MiracleLinux 9 : glibc-2.34-100.el9_4.2 (AXSA:2024-8145:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8145:06 advisory. glibc: Out of bounds write in iconv conversion to ISO-2022-CN-EXT CVE-2024-2961 glibc: stack-based buffer overflow in netgroup cache CVE-2024-33599...

8.1CVSS7.9AI score0.8833EPSS
Exploits16References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.11 views

MiracleLinux 7 : glibc-2.17-326.el7.3 (AXSA:2024-8129:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8129:05 advisory. glibc: Out of bounds write in iconv may lead to remote code execution CVE-2024-2961 glibc: stack-based buffer overflow in netgroup cache...

8.1CVSS8.2AI score0.8833EPSS
Exploits16References6
RedhatCVE
RedhatCVE
added 2026/01/13 10:55 p.m.6 views

CVE-2026-22693

A null pointer dereference vector has been discovered in the harfbuzz package. A null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh:1672-1673. The function fails to check if hbmalloc returns NULL before using placement ne...

5.3CVSS5.1AI score0.00377EPSS
Exploits1References5
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL when memory allocation fails. However, the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL chec...

5.8AI score0.0018EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.6 views

Astra Linux – Vulnerability in ffmpeg

A flaw was discovered in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrupt services a...

5.3CVSS6.5AI score0.00342EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in mbedtls

In Mbed TLS versions prior to 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uninitialized stack memory was used to construct the TLS Finished message. This could potentially lead to authentication bypasses, such as replay attacks...

5.4CVSS5.9AI score0.00274EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for the WS buffer in amdgpuatomexecutetablelocked. kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set. This can lead to a potential NULL pointe...

5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/13 12:24 a.m.6 views

SUSE CVE-2026-22693

HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hbmalloc returns NULL before using placement new to construct an object at t...

5.3CVSS7.1AI score0.00377EPSS
Exploits1References6
Rows per page
Query Builder