Lucene search
K

192 matches found

NVD
NVD
added 4 days ago11 views

CVE-2026-7831

UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, when the server-supplied nameLength equals exactly 2024 the code declares a 2024-byte stack buffer dn2024 and calls ReadStringdn, 2024. ReadString...

7.6CVSS0.00416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in...

6AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...

5.8AI score0.00168EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 3:37 a.m.79 views

CVE-2026-55654

CVE-2026-55654 describes a heap out-of-bounds read in OpenSSH during GSSAPI indicator cleanup when a trailing NULL termination is missing in the auth-indicators array. A remote attacker in configurations using GSSAPI authentication with Kerberos could trigger a crash/abort in the SSH authenticati...

3.7CVSS5.8AI score0.00308EPSS
Exploits1References2Affected Software3
Cvelist
Cvelist
added 2026/06/20 12:46 a.m.28 views

CVE-2026-9265 Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in print_attribute UTF8STRING path

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...

0.00354EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/20 12:46 a.m.9 views

EUVD-2026-38103

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...

6.1AI score0.00354EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling. This results in an overflow of the heap-based buffer when strchr is called, starting with a pointer after a '\0' character where the processing of th...

6.5CVSS6.6AI score0.01169EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: fixed the potential out-of-bound write issue. The buffer is set to 20 characters. If a caller writes more characters, the count is truncated to the maximum available space in simplewritetobuffer. To prevent access by OoB...

7.8CVSS5.5AI score0.00133EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Consider the NULL character when validating the event length. strlen returns the length of a string excluding the null byte. If the string length equals the maximum buffer length, there will be no space left in the buffe...

7.8CVSS6.3AI score0.00249EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 7:16 p.m.4 views

UBUNTU-CVE-2026-52859

Vim is an open source, command line text editor. Prior to version 9.2.0565, the updatesnapshot function in src/terminal.c copies the visible terminal screen into the scrollback buffer when a snapshot is taken. For each screen cell it walks the cell's chars array with no upper bound, stopping only...

8.2CVSS5.5AI score0.00303EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 -...

7.1CVSS6.3AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: Space is now reserved for null terminators in propertyEntry. The lists of struct propertyEntry are supposed to be terminated with an empty property. Currently, this driver seems to allocating exactly the amount of spa...

5.5CVSS5.6AI score0.00122EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in NTP

In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when a \0' character is added. An adversary may be able to attack a client ntpq process, but they cannot attack the ntpd process...

5.6CVSS7.1AI score0.00645EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.15 views

SUSE CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
NVD
NVD
added 2026/05/06 10:16 a.m.8 views

CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

5.5CVSS0.00122EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.7 views

CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

5.7AI score0.00122EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 7:40 a.m.6 views

CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37392

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The txgbe driver in the Linux kernel fails to allocate sufficient space for null terminators in lists of struct property entry. These lists are required to be terminated with an empty...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References15
NVD
NVD
added 2026/05/01 3:16 p.m.7 views

CVE-2026-31778

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

7.1CVSS0.00126EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 2:15 p.m.5 views

EUVD-2026-26627

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...

5.8AI score0.00126EPSS
Exploits0References8
Rows per page
Query Builder