Lucene search
+L

761 matches found

Snyk
Snyk
added 2026/02/25 7:12 p.m.6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the PDB decoder when a memory allocation fails, leading to the use of a stale pointer. An attacker can cause a crash or trigger a single zero byte write by providing specially crafted input files. Remediation A fix was...

6.3CVSS5.9AI score0.0023EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:12 p.m.5 views

Use After Free

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS6AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/25 3:20 p.m.8 views

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

5.8AI score0.0022EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/25 4:10 a.m.7 views

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

5.8AI score0.0022EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.7 views

PT-2026-57177

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-15 Description A use-after-free issue exists in the PDB decoder. This occurs when the system uses a stale pointer following a memory allocation failure. An attacker can exploit this by processing specially...

6.3CVSS6.1AI score0.0023EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2026/02/11 12:25 a.m.4 views

kernel: ext4: fix use-after-free in ext4_orphan_cleanup

A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4inodeattachjinode fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput, but the orphan list still...

5.8AI score0.0022EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/31 12:0 a.m.6 views

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to release allocated resources when memory allocation fails, potentially leading to...

5.8AI score0.00245EPSS
Exploits0References5
OSV
OSV
added 2026/01/30 11:17 a.m.5 views

SUSE-SU-2026:0348-1 Security update for bind

This update for bind fixes the following issues: Upgrade to release 9.20.18: - CVE-2025-13878: Fixed incorrect length checks for BRID and HHIT records bsc1256997 Feature Changes: Add more information to the rndc recursing output about fetches. Reduce the number of outgoing queries. Provide more...

7.5CVSS6.1AI score0.08219EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/27 5:52 p.m.5 views

CVE-2026-0918

The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated attacker can...

7.1CVSS5.9AI score0.00682EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: A NULL check has been added in raspberrypiclkregister. devmkasprintf returns NULL when memory allocation fails. Currently, raspberrypiclkregister does not check for this case, which results in a NULL pointer being...

5.5CVSS6.5AI score0.00147EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add a NULL check in wledconfigure. The devmkasprintf function returns NULL when memory allocation fails. Currently, wledconfigure does not check for this case, which results in a NULL pointer being dereferenced...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: The issue was fixed by correcting fbsetvar to prevent a null-ptr dereference in fbvideomodetovar. If fbaddvideomode in fbsetvar fails to allocate memory for fbvideomode, it may lead to a null-ptr dereference in...

5.5CVSS6.3AI score0.00153EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Check fbaddvideomode to prevent nullptrderef. The fbaddvideomode function may fail with -ENOMEM if its internal kmalloc function cannot allocate a struct fbmodelist. In such cases, the modelist remains empty, but th...

5.5CVSS6.1AI score0.00153EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfs: Handling of failures in nfsgetlockcontext during unlock path When memory is insufficient, the allocation of nfslockcontext in nfsgetlockcontext fails and returns -ENOMEM. If we mistakenly treat an nfs4unlockdata structure...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.8 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Added a NULL check in imxcardprobe The devmkasprintf function returns NULL when memory allocation fails. Currently, imxcardprobe does not check for this case, which results in a NULL pointer being dereferenced. A...

5.5CVSS6.3AI score0.00189EPSS
Exploits0References3
OSV
OSV
added 2026/01/23 12:23 p.m.5 views

OESA-2026-1204 harfbuzz security update

HarfBuzz is a text-shaping engine. If you give HarfBuzz a font and a string containing a sequence of Unicode codepoints, HarfBuzz selects and positions the corresponding glyphs from the font, applying all of the necessary layout rules and font features. HarfBuzz then returns the string to you in...

5.3CVSS5.6AI score0.00377EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38145)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38145 advisory. - In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in...

5.5CVSS5.3AI score0.0017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38160)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38160 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Add NULL check in...

5.5CVSS5.3AI score0.00147EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38214)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38214 advisory. - In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fbsetvar to prevent null-...

5.5CVSS5.3AI score0.00153EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/01/20 1:15 a.m.4 views

CVE-2026-22770

ImageMagick is free and open-source software used for editing and manipulating digital images. The BilateralBlurImage method will allocate a set of double buffers inside AcquireBilateralTLS. But, in versions prior to 7.1.2-13, the last element in the set is not properly initialized. This will...

9.8CVSS5.8AI score0.00336EPSS
Exploits0References3
Rows per page
Query Builder