Lucene search
K

1426 matches found

OSV
OSV
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1306 Reverb use after free vulnerability

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

6.1CVSS6.1AI score0.00123EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/06 4:54 a.m.5 views

kernel: kernel: ipv6 frag escape

A flaw was found in the Linux kernel's ipv6 networking subsystem. An incorrect parameter length calculation allows an attacker with permissions to create UDP sockets to trigger overwrites of kernel memory, potentially leading to privilege escalation, data corruption, or a system crash...

5.9AI score0.00176EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:29 p.m.6 views

CVE-2026-58379

A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...

7.3CVSS6.7AI score0.00233EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55578

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...

7.3CVSS6.6AI score0.00233EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2026/07/02 2:52 p.m.3 views

kernel: kernel: ipv6 frag escape

A flaw was found in the Linux kernel's ipv6 networking subsystem. An incorrect parameter length calculation allows an attacker with permissions to create UDP sockets to trigger overwrites of kernel memory, potentially leading to privilege escalation, data corruption, or a system crash...

5.9AI score0.00176EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 3:43 p.m.5 views

EUVD-2026-39455

socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...

9.2CVSS6.2AI score0.00308EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/omfs: reject ssysblocksize smaller than OMFSDIRSTART omfsfillsuper rejects oversized ssysblocksize values PAGESIZE, but it does not reject values smaller tha...

7.8CVSS6AI score0.0013EPSS
Exploits0References2
OSV
OSV
added 2026/06/23 6:3 a.m.4 views

RLSA-2026:28037 Important: postgresql:15 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

5.3CVSS5.4AI score0.00172EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/06/04 2:23 a.m.11 views

SUSE CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

5.3CVSS5.7AI score0.00172EPSS
Exploits1References3
NVD
NVD
added 2026/06/02 4:16 p.m.15 views

CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

5.3CVSS0.00172EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/02 3:25 p.m.9 views

CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

4.9CVSS5.8AI score0.00172EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/02 3:25 p.m.12 views

CVE-2026-45684 OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

4.9CVSS5.8AI score0.00172EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/02 3:25 p.m.12 views

EUVD-2026-33957

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

4.9CVSS5.8AI score0.00172EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/02 3:25 p.m.42 views

CVE-2026-45684 OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

4.9CVSS0.00172EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2026/05/27 11:40 p.m.126 views

poc-ccweb-unauth-rce

CVE — pqhaz3925/ccweb Unauthenticated RCE via Claude Code Cont...

6AI score
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the efi module failing to correctly calculate the alignment size when retaining unvalidated memor...

5.8AI score0.00159EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2026/05/26 12:0 a.m.173 views

Linux Kernel 6.8 - Local Privilege Escalation

Exploit Title: Linux Kernel 5.4 - 6.8 - Local Privilege Escalation Google Dork: N/A Date: 2026-04-30 Exploit Author: Long Fong Chan https://github.com/iss4cf0ng Vendor Homepage: https://www.kernel.org/ Software Link: https://git.kernel.org/ Version: Linux Kernel 5.4 - 6.8 unpatched Tested on:...

7.8CVSS7.3AI score0.96267EPSS
Exploits230
OSV
OSV
added 2026/05/25 1:58 p.m.11 views

SUSE-SU-2026:2050-1 Security update for nginx

This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. - CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. - CVE-2026-40701: heap...

9.2CVSS7.6AI score0.61469EPSS
Exploits40References13
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: perf/core: Fixed an issue where the perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput. syzkaller reports a issue with a stack-out-of-bounds condition. The call trace is as follows: dumpstack+0x9c/0xd3,...

7.8CVSS6.2AI score0.00174EPSS
Exploits0References2
Rows per page
Query Builder