Lucene search
K

3151 matches found

EUVD
EUVD
added 2026/06/05 2:14 a.m.13 views

EUVD-2026-34784

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

7.3CVSS5.8AI score0.00112EPSS
Exploits0References2
CVE
CVE
added 2026/06/05 2:14 a.m.49 views

CVE-2026-50593

Graphite 1.3.15 changes and the commit.

7.3CVSS5.8AI score0.00112EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/05 2:14 a.m.9 views

CVE-2026-50593

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

7.3CVSS5.4AI score0.00112EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/05 2:14 a.m.10 views

CVE-2026-50593

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

7.3CVSS5.8AI score0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/05 2:14 a.m.44 views

CVE-2026-50593

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

7.3CVSS0.00112EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.19 views

PT-2026-46902

Name of the Vulnerable Software and Affected Versions Graphite versions prior to 1.3.15 Description An integer underflow occurs via Graphite actions because the slotat function fails to ensure that an offset remains within the allowed slot-map range, leading to an out-of-bounds write...

7.3CVSS5.4AI score0.00112EPSS
Exploits0References32
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Graphite-Web 数字错误漏洞

Graphite-Web is a highly scalable real-time plotting system developed by the Graphite Project. Versions of Graphite-Web prior to 1.3.15 contained a numerical error vulnerability. This vulnerability stemmed from integer underflow and out-of-bounds writes, as slotat did not ensure that the offset w...

7.3CVSS5.3AI score0.00112EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/04 1:4 p.m.9 views

kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...

9.4CVSS5.8AI score0.00337EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/04 8:54 a.m.10 views

unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in Chase-Reply Messages

A flaw was found in Unbound's DNSSEC validator when constructing chase-reply messages for validation. The code uses the wrong counter to calculate write offsets for ADDITIONAL section resource record sets. When a DNAME chain is combined with authority filtering, an uninitialized array slot is...

8.7CVSS5.8AI score0.00779EPSS
Exploits0References4
CVE
CVE
added 2026/06/03 3:48 p.m.100 views

CVE-2026-46244

The CVE-2026-46244 issue affects the Linux kernel netfilter nft_inner path. In nft_inner_parse_l2l3(), while handling inner IPv6 packets, ipv6_find_hdr() computes the transport header offset correctly across extension headers, but the code later overwrites this value with nhoff + sizeof(_ip6h) (4...

9.1CVSS5.8AI score0.0031EPSS
Exploits0References13Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the netfilter nftinner module, which incorrectly calculates the transmission header...

9.1CVSS5.3AI score0.0031EPSS
Exploits0References5
NVD
NVD
added 2026/06/02 4:16 p.m.15 views

CVE-2026-10047

The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds validation. With...

8.5CVSS0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 2:17 p.m.10 views

EUVD-2026-33944

The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds validation. With...

8.5CVSS5.9AI score0.00118EPSS
Exploits0References1
Hacker One
Hacker One
added 2026/06/02 9:6 a.m.24 views

curl: TFTP upload ignores --continue-at / CURLOPT_RESUME_FROM and leaks skipped local file prefix

Summary TFTP uploads ignore the configured resume offset. When a caller runs curl -C N -T file tftp://... or uses libcurl with CURLOPTUPLOAD and CURLOPTRESUMEFROM, curl should skip the first N bytes of the local source before uploading. Instead, the TFTP code sends the complete local file from by...

5.8AI score
Exploits0
NVD
NVD
added 2026/06/01 10:16 p.m.12 views

CVE-2018-25432

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

8.6CVSS0.00162EPSS
Exploits0References4
CVE
CVE
added 2026/06/01 9:0 p.m.19 views

CVE-2018-25432

Arm Whois 3.11 is affected by a local buffer overflow that allows code execution via exception handler hijacking. An input file crafted with a 672-byte offset can overwrite nSEH and SEH pointers, enabling arbitrary code execution when the structured exception handler is triggered. CVSS data prese...

8.6CVSS6.7AI score0.00162EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.26 views

PT-2026-45623

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft a malicious input file with a 672-byte offset to overwrite the nSEH and SEH pointers, enabling code execution through...

8.6CVSS6.7AI score0.00162EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:3 a.m.9 views

smb: client: validate dacloffset before building DACL pointers

...

9.8CVSS5.4AI score0.00675EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building DACL pointers parsesecdesc, buildsecdesc, a...

9.8CVSS6.5AI score0.00675EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 2:3 p.m.14 views

CVE-2026-46195

A flaw was found in the Linux kernel's Server Message Block SMB client. A malicious server can exploit this vulnerability on 32-bit systems by providing a crafted dacloffset value. This can cause a pointer wrap, leading to the dereferencing of invalid Discretionary Access Control List DACL fields...

9.8CVSS5.5AI score0.00675EPSS
Exploits0References4
Rows per page
Query Builder