Lucene search
K

1011 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-55693

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-fil...

8.4CVSS6.1AI score0.00126EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:22 p.m.7 views

CVE-2026-57455

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spell file's SOFO sound-folding byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound an...

7.1CVSS6.1AI score0.0012EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/25 3:22 p.m.6 views

EUVD-2026-39437

Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spellsoundfoldsofo in src/spell.c translates a word through a spell file's SOFO sound-folding byte map into a caller-owned result buffer. Its copy loop advances the output index ri with no upper bound an...

7.1CVSS6.1AI score0.0012EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, there was a stack buffer overflow issue in ImageMagick’s morphology kernel parsing functions. User-controlled kernel strings that exceeded the buffer size were...

7.1CVSS7.3AI score0.00108EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 7:16 p.m.6 views

DEBIAN-CVE-2026-53702

A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...

6.5CVSS5.7AI score0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.14 views

gst-plugins-bad 缓冲区错误漏洞

gst-plugins-bad is a GStreamer open-source plugin. gst-plugins-bad has a buffer error vulnerability. This vulnerability stems from the H.265 codec parser library using incorrect loop boundaries when parsing SEI messages during the buffer period. As a result, the CPB values allocated for the stack...

6.5CVSS5.6AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.13 views

CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS5.5AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/03 7:27 p.m.13 views

CVE-2026-6477

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.5AI score0.00464EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

microtar 安全漏洞

microtar is a lightweight ANSI C language tar library developed by rxi’s individual developers. Versions of microtar 0.1.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the rawtoheader function using strcpy to copy fields in the ustar format that are not empty...

8.8CVSS5.4AI score0.00318EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 10:16 a.m.9 views

UBUNTU-CVE-2026-46173

In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46173

In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/05/28 9:36 a.m.2 views

CVE-2026-46173 exit: prevent preemption of oopsing TASK_DEAD task

In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...

7.8CVSS6.5AI score0.00126EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.27 views

PT-2026-44296

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an exiting task that experiences an oops a kernel panic that does not require a full system reboot can be preempted during the execution of do task dead. This occur...

7.8CVSS6.1AI score0.00126EPSS
Exploits0
NVD
NVD
added 2026/05/21 10:16 a.m.15 views

CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS0.00172EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/21 9:20 a.m.13 views

EUVD-2026-31258

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS5.8AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 9:20 a.m.43 views

CVE-2026-39461 select(2) file descriptor set overflow causes stack overflow

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

0.00172EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:20 a.m.10 views

CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS5.8AI score0.00172EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.12 views

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the lack of verification that the socket descriptors are within the FDSETSIZE limit, potentially leading to stack corruption. If the target application runs...

8.8CVSS5.8AI score0.00172EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.8 views

FreeBSD : FreeBSD -- select(2) file descriptor set overflow causes stack overflow (90fe1784-54b6-11f1-8d7a-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 90fe1784-54b6-11f1-8d7a-bc241121aa0a advisory. libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call...

8.8CVSS5.4AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: gadgetfs: epio – wait until IRQ finishes. After usbepqueue, if waitforcompletioninterruptible is interrupted, we need to wait until IRQ is completed. Otherwise, complete from epiocomplete can corrupt the stack...

5.5CVSS6AI score0.0016EPSS
Exploits0References2
Rows per page
Query Builder