
1334 matches found

OSV
added 2 days ago | 3 views

UBUNTU-CVE-2026-14164

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filtered_buf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

CVSS 7.5 | AI score 5.7 | EPSS 0.0035
Exploits: 0 | References: 6

CVE
added 2 days ago | 12 views

CVE-2026-14164

CVE-2026-14164 concerns libarchive’s RAR5 reader. A double-free arises when a filtered_buf pointer remains stale after being freed during unpack state reinitialization, allowing a second free on processing a subsequent archive entry. The issue is triggered by parsing a specially crafted RAR5 arch...

CVSS 7.5 | AI score 5.7 | EPSS 0.0035
Exploits: 0 | References: 5

RedhatCVE
added 3 days ago | 5 views

CVE-2026-57436

A flaw was found in Nokogiri, an open-source library used for processing XML and HTML documents. This vulnerability occurs due to insufficient validation when setting the document's root element, allowing a malicious document to trigger a memory error. This can lead to a heap use-after-free,...

CVSS 6.3 | AI score 5.9 | EPSS 0.00312
Exploits: 0 | References: 4

ATTACKERKB
added 5 days ago | 7 views

CVE-2026-10643

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

CVSS 8.7 | AI score 6 | EPSS 0.00117
Exploits: 0 | References: 2 | Affected Software: 1

EUVD
added 2026/06/25 8:39 a.m. | 5 views

EUVD-2026-39206

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate advertising TLV before type checks tlvdataisvalid reads each advertising data field length from datai, then inspects datai + 1 for managed EIR types before checking that the current field still fits insi...

AI score 6 | EPSS 0.00172
Exploits: 0 | References: 8

RedHat Linux
added 2026/06/22 10:59 a.m. | 26 views

kernel: wifi: mac80211: use safe list iteration in radar detect work

A flaw was found in the Linux kernel's mac80211 wireless subsystem. This vulnerability arises from unsafe list iteration during radar detection work, where a channel context can be freed while still being processed. This can lead to a use-after-free memory error. A successful exploit could result...

CVSS 8.8 | AI score 5.8 | EPSS 0.00203
Exploits: 0 | References: 5

RedhatCVE
added 2026/06/19 2:50 p.m. | 7 views

CVE-2026-45696

A flaw was found in the OpenEXR image library. If an application opens a maliciously crafted EXR image file, it triggers a memory error. An attacker can use this to crash the application, causing a denial of service (DoS), and potentially view sensitive information from the application's memory. Any...

CVSS 8.3 | AI score 5.8 | EPSS 0.00263
Exploits: 1 | References: 5

AstraLinux
added 2026/06/19 11:10 a.m. | 2 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When calling JS::CheckRegExpSyntax, a syntax error may be set, resulting in the call to convertToRuntimeErrorAndClear. A path within the function might attempt to allocate memory when no memory is available, causing a newly created Out of Memory exception to be misinterpreted as a syntax error...

CVSS 6.5 | AI score 6.6 | EPSS 0.00528
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mmc: mmctest: Fixed the issue of NULL dereferencing upon allocation failure. If the allocation of test-highmem = allocpages fails, calling freepagestest-highmem will result in a NULL dereferencing. Additionally, the error code ha...

CVSS 5.5 | AI score 6.2 | EPSS 0.00246
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 6 views

Astra Linux – Vulnerability in Chromium

In V8 of Google Chrome, out-of-bounds memory access prior to version 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 7.3 | EPSS 0.01599
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: Prevent poison consumption when splitting THP When performing memory error injection on a THP (Transparent Huge Page) mapped to user space on an x86 server, the kernel panics with the following trace. The expected behavior woul...

AI score 6 | EPSS 0.00179
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fixed a memory out-of-bounds issue when numconfigs is 1. The configuration passed in by padwakeup is set to 1 when numconfigs is 1. In this case, Configuration 1 should not be retrieved, which will be detected...

AI score 5.7 | EPSS 0.00155
Exploits: 0 | References: 1

AstraLinux
added 2026/06/19 11:10 a.m. | 7 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Fixed a potential stack-out-of-bounds write in ath9kwmirspcallback. This bug involves a write operation that occurs in a WMI response callback function, which is called after a timeout occurs in ath9kwmicmd. The writ...

AI score 5.7 | EPSS 0.00191
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath12k – Fix for out-of-bound access errors The Selfgen statistics are stored in a buffer using the printarraytobufindex function. The array length parameter passed to this function is too large, which may lead to an...

CVSS 7.1 | AI score 6.3 | EPSS 0.00165
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fixed the error path ordering in edacmcalloc. When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice, which will ultimately call the device’s release function. However, the initializatio...

CVSS 5.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 1

NVD
added 2026/06/18 5:16 p.m. | 10 views

CVE-2025-53114

CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgement extension may cause the unacknowledged...

CVSS 7.5 | EPSS 0.00384
Exploits: 0 | References: 6

OSV
added 2026/06/18 3:54 p.m. | 4 views

SUSE-SU-2026:2458-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds read...

CVSS 8.8 | AI score 6.2 | EPSS 0.06662
Exploits: 4 | References: 15

RedHat Linux
added 2026/06/16 7:53 a.m. | 6 views

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

CVSS 9.1 | AI score 6.3 | EPSS 0.00579
Exploits: 0 | References: 10

OSV
added 2026/06/16 12:0 a.m. | 6 views

ALSA-2026:26181 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478) postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write...

CVSS 8.8 | AI score 5.5 | EPSS 0.00668
Exploits: 0 | References: 8

RedHat Linux
added 2026/06/11 1:24 p.m. | 9 views

openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

A flaw was found in OpenSSL. When processing attacker-supplied Cryptographic Message Syntax (CMS) data using password-based decryption, an attacker can choose a stream-mode Key Encryption Key (KEK) cipher. This can trigger a heap out-of-bounds read, potentially causing an application crash and leadin...

CVSS 7.5 | AI score 5.4 | EPSS 0.00297
Exploits: 0 | References: 4