Lucene search
K

212 matches found

NVD
NVD
added 6 days ago5 views

CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS0.00146EPSS
Exploits0References7
Cvelist
Cvelist
added 6 days ago25 views

CVE-2026-53203 accel/ivpu: Add buffer overflow check in MS get_info_ioctl

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS0.00146EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/23 9:0 p.m.28 views

CVE-2026-50193 jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString()

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if and only if the service reads deeply nested 1000s of levels JSON as JsonNode...

6.3CVSS0.00616EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in libjettison-java

An infinite recursion occurs in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This results in a StackOverflowError exception being thrown...

7.5CVSS6.7AI score0.01009EPSS
Exploits1References2
NVD
NVD
added 2026/06/16 8:16 p.m.11 views

CVE-2026-0131

In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.3CVSS0.00072EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 6:51 p.m.18 views

CVE-2026-0140

CVE-2026-0140 describes a potential out-of-bounds read in RtpPacket::decodePacket caused by an integer overflow that could lead to remote information disclosure. Exploitation requires user interaction; no remote code execution is stated. Connected sources (NVD, ENISA EUVD, OSV, PT-OSSecurity, And...

4.3CVSS5.7AI score0.00178EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of flow-allowed pointer operations in the ASoC SOF, potentially leading to a zero overflow err...

5.9AI score0.00122EPSS
Exploits0References5
NVD
NVD
added 2026/05/14 12:16 p.m.44 views

CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS0.00487EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 12:16 p.m.5 views

UBUNTU-CVE-2026-45205

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/14 11:22 a.m.8 views

CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

5.8AI score0.00487EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.14 views

PT-2026-40906

Name of the Vulnerable Software and Affected Versions Apache Commons versions 2.2 through 2.14.x Description An uncontrolled recursion issue exists when processing untrusted configuration files. Specifically, the software throws a StackOverflowError—a runtime error that occurs when the call stack...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References25
RedHat Linux
RedHat Linux
added 2026/05/12 11:31 p.m.12 views

freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId

A heap based buffer overflow flaw has been discovered in FreeRDP. This client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to maxCells,...

8.2CVSS6.3AI score0.00309EPSS
Exploits1References6
CVE
CVE
added 2026/04/24 2:45 p.m.22 views

CVE-2026-31648

Summary of CVE-2026-31648 (Linux kernel) • Affects the kernel vulnerability in filemap handling: nr_pages overflow in filemap_map_pages() can cause set_pte_range() to map beyond the size of a large folio, potentially corrupting page metadata. • Root cause (as documented): race condition between f...

7.8CVSS5.5AI score0.0012EPSS
Exploits0References5Affected Software1
Amazon
Amazon
added 2026/03/27 12:0 a.m.8 views

Medium: freetype

Issue Overview: An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. CVE-2026-23865...

5.3CVSS5.9AI score0.00141EPSS
Exploits0
CVE
CVE
added 2026/03/26 4:30 p.m.16 views

CVE-2026-27815

CVE-2026-27815 affects EVerest EV charging stack. Prior to 2026.02.0, the function ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With default schema validation disabled, oversized MQTT Cmd payl...

9.1CVSS5.8AI score0.00272EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/25 12:30 p.m.6 views

EUVD-2026-15336

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...

5.7AI score0.00129EPSS
Exploits0References7
NVD
NVD
added 2026/03/25 11:16 a.m.4 views

CVE-2026-23359

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...

7.8CVSS0.00129EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.10 views

CVE-2026-23359

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8
OSV
OSV
added 2026/03/25 11:16 a.m.3 views

UBUNTU-CVE-2026-23359

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.2 views

CVE-2026-23359

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...

5.7AI score0.00129EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder