Lucene search
K

382184 matches found

OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53194

In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105preparewritebuffer is called by the generic write path with the bulk-out buffer and its size bulkoutsize, 64 bytes. It stores a two-byte length header at the start of t...

7.8CVSS6AI score0.00146EPSS
Exploits0References11
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/25 9:10 a.m.3 views

Security Bulletin: Multiple Vulnerabilities in cryptography bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging, and IBM Fusion Content-Aware Storage include the cryptography library, which is vulnerable to a critical buffer overflow and an improper certificate validation flaw. A classic buffer overflow vulnerability exists when non-contiguous...

9.8CVSS6.6AI score0.00652EPSS
Exploits0Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53267

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...

5.7AI score0.00128EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.16 views

CVE-2026-53267

The CVE-2026-53267 entry concerns a Linux kernel netfilter nft_ct use-after-free style issue where a per-CPU template conntrack entry can be treated as a real ct, causing a 16-byte memcpy path to overflow the kernel stack when using NFT_REG32_15. The root cause is that a template ct is not reject...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:39 a.m.15 views

CVE-2026-53209

The CVE-2026-53209 issue affects the Linux kernel Bluetooth subsystem (hci_sync). When hci_adv_bcast_annoucement() tries to prepend the Broadcast Announcement service data to an already-full extended advertising payload, the combined data could exceed the temporary buffer used to rebuild advertis...

7.8CVSS6AI score0.00138EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.27 views

CVE-2026-53202 accel/ivpu: Fix signed integer truncation in IPC receive

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...

7.8CVSS0.00153EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39293

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...

6AI score0.00153EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS5.9AI score0.00153EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:39 a.m.3 views

EUVD-2026-39294

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

6AI score0.00153EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

6AI score0.00153EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.27 views

CVE-2026-53203 accel/ivpu: Add buffer overflow check in MS get_info_ioctl

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS0.00153EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:39 a.m.9 views

CVE-2026-53203

CVE-2026-53203 affects the Linux kernel’s accel/ivpu component. A buffer overflow can occur when the firmware returns a metric-stream info size larger than the allocated buffer during get_info_ioctl; if this happens, the operation could copy beyond the buffer. Remediation implemented in the publi...

7.1CVSS6AI score0.00153EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/06/25 8:39 a.m.20 views

CVE-2026-53202

The CVE-2026-53202 issue affects the Linux kernel component accel/ivpu in IPC receive handling. It describes a signed integer truncation when data_size from firmware is cast to a signed int, leading to a potential unsigned wraparound with large values (≥ 0x80000000). This could enable oversized m...

7.8CVSS6AI score0.00153EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53196

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

6.8CVSS5.9AI score0.00282EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39287

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

6AI score0.00282EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53196

In the Linux kernel USB: serial: io_ti driver, CVE-2026-53196 describes a heap overflow in get_manuf_info() caused by reading rom_desc->Size bytes from an I2C EEPROM into a 10-byte buffer (kmalloc_obj()). Size is only checked against TI_MAX_I2C_SIZE (16384), allowing a malicious device to set ...

6.8CVSS6AI score0.00282EPSS
Exploits0References11Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53196 USB: serial: io_ti: fix heap overflow in get_manuf_info()

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

0.00282EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53194

In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105preparewritebuffer is called by the generic write path with the bulk-out buffer and its size bulkoutsize, 64 bytes. It stores a two-byte length header at the start of t...

7.8CVSS6AI score0.00146EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53195

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...

7.8CVSS5.9AI score0.00203EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:39 a.m.13 views

CVE-2026-53194

The CVE-2026-53194 entry covers a defect in the Linux kernel USB serial driver kl5kusb105 (klsi_105_prepare_write_buffer). The bug occurs when the generic write path uses the bulk-out buffer (size 64) and copies the payload from the write_fifo without reserving space for the 2-byte header, result...

7.8CVSS6AI score0.00146EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder