Lucene search
K

1563 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: syslinux (CVE-2011-3045)

The version of syslinux installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2011-3045 advisory. - Integer signedness error in the pnginflate function in pngrutil.c in libpng before 1.4.10beta01, as used in...

8.8CVSS6.3AI score0.73164EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002514)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002514 advisory. Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote...

9CVSS8.4AI score0.07123EPSS
Exploits0References10
OSV
OSV
added 2026/01/14 6:16 p.m.2 views

UBUNTU-CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

9.1CVSS5.8AI score0.00599EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/14 5:56 p.m.5 views

CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

9.1CVSS5.6AI score0.00599EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/01/14 5:56 p.m.24 views

CVE-2026-22858 FreeRDP has a global-buffer-overflow in crypto_base64_decode

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

6.1CVSS0.00599EPSS
Exploits1References2
CVE
CVE
added 2026/01/14 5:56 p.m.46 views

CVE-2026-22858

CVE-2026-22858 affects FreeRDP prior to 3.20.1, where a global-buffer-overflow can occur in the Base64 decoding path due to implementation‑defined char signedness causing out‑of‑bounds access. The vulnerability is fixed in 3.20.1; multiple advisories (SUSE/SLES/OpenSUSE/Fedora) reference updating...

9.1CVSS6.5AI score0.00599EPSS
Exploits1References19Affected Software1
OSV
OSV
added 2026/01/14 5:56 p.m.12 views

CVE-2026-22858 FreeRDP has a global-buffer-overflow in crypto_base64_decode

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

6.1CVSS5.9AI score0.00599EPSS
Exploits1References21
Debian CVE
Debian CVE
added 2026/01/14 5:56 p.m.2 views

CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

9.1CVSS5.3AI score0.00599EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

MiracleLinux 3 : libpng-1.2.10-16.0.1.AXS3 (AXSA:2012-447:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-447:02 advisory. The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphic...

8.8CVSS8.2AI score0.73164EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:6 a.m.5 views

CVE-2019-20561

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...

9.8CVSS7.2AI score0.00535EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.10 views

CVE-2022-27882

slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation...

7.5CVSS7.5AI score0.01877EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/24 3:30 p.m.4 views

EUVD-2025-198714

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS6.2AI score0.00219EPSS
Exploits0References3
NVD
NVD
added 2025/11/24 2:15 p.m.6 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS0.00219EPSS
Exploits0References2
OSV
OSV
added 2025/11/24 2:15 p.m.3 views

DEBIAN-CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS5.3AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/24 12:0 a.m.7 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

0.00219EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.5 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS6.3AI score0.00219EPSS
Exploits0References2
CVE
CVE
added 2025/11/24 12:0 a.m.23 views

CVE-2025-65495

CVE-2025-65495 affects libcoap 4.3.5. The issue is a signedness error in tls_verify_call_back() inside src/coap_openssl.c that can allow a remote attacker to trigger a denial of service by sending a crafted TLS certificate, causing i2d_X509() to return -1 and be misused as a malloc() size. Public...

7.5CVSS6.3AI score0.00219EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2025/11/24 12:0 a.m.6 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS5.3AI score0.00219EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41022)

drm/amdgpu: vulnerability involves a signedness problem in sdmav40processtrapirq, which can lead to incorrect handling of values and potential errors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

5.5CVSS6.9AI score0.00238EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989431)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989431 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix signedness bug in sdmav40processtrapirq The instance variable needs to be signed...

5.5CVSS6.1AI score0.00238EPSS
Exploits0References4
Rows per page
Query Builder