Lucene search
+L

3082 matches found

OSV
OSV
added 2026/06/10 5:7 a.m.13 views

MGASA-2026-0188 Updated jq packages fix security vulnerabilities

An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. CVE-2024-23337 It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of...

8.7CVSS6AI score0.00559EPSS
Exploits7References10
Mageia
Mageia
added 2026/06/10 5:7 a.m.27 views

Updated jq packages fix security vulnerabilities

An integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. CVE-2024-23337 It was discovered that jq did not correctly handle certain string concatenations. An attacker could possibly use this issue to cause a denial of...

8.7CVSS6.9AI score0.00559EPSS
Exploits7References9
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.28 views

PT-2026-48353

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handle session command0 in...

7.1CVSS5.7AI score0.00325EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.19 views

Splunk Cloud Platform和Splunk Enterprise 访问控制错误漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Vulnerabilities in access control...

9.8CVSS5.8AI score0.88171EPSS
Exploits6References1
OSV
OSV
added 2026/06/09 7:38 p.m.18 views

MGASA-2026-0182 Updated ruby-net-ssh packages fix security vulnerabilities

This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification Terrapin Attack , for ruby-net-ssh...

5.9CVSS6.9AI score0.93305EPSS
Exploits4References7
Mageia
Mageia
added 2026/06/09 7:38 p.m.19 views

Updated ruby-net-ssh packages fix security vulnerabilities

This update fixes CVE-2023-48795: Prefix Truncation Attacks in SSH Specification Terrapin Attack , for ruby-net-ssh...

5.9CVSS6.9AI score0.93305EPSS
Exploits4References6
NVD
NVD
added 2026/06/09 7:16 p.m.12 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

8.2CVSS0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 12:0 a.m.36 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

0.00123EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.8 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

5.5AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.19 views

Malwarebytes EDR 输入验证错误漏洞

Malwarebytes EDR is a terminal detection and response platform provided by the American company Malwarebytes. Version 1.0.11 of Malwarebytes EDR contains a vulnerability related to input validation. This vulnerability arises from truncating data exceeding 4GB during computing hash calculations,...

8.2CVSS5.4AI score0.00123EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-48154

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

5.5AI score0.00123EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 12:0 a.m.21 views

CVE-2023-29146

CVE-2023-29146 affects Malwarebytes EDR 1.0.11 on Linux. The vulnerability lies in the utility functions that compute a cryptographic hash of data bytes: hashing truncates data if it exceeds 4 GB, causing an unsigned 32-bit wrap-around. This can enable attackers to craft a colliding hash value fo...

8.2CVSS5.5AI score0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

OpenSSL 缓冲区错误漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

7.5CVSS5.7AI score0.00513EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/08 11:1 p.m.25 views

Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...

4CVSS5.5AI score0.00136EPSS
Exploits0References5Affected Software2
GithubExploit
GithubExploit
added 2026/06/08 4:36 p.m.139 views

Exploit for Improper Validation of Integrity Check Value in Openbsd Openssh

terrapincheck.py A lightweight Python scanner for CVE-2023...

5.9CVSS6AI score0.93305EPSS
Exploits4
OSV
OSV
added 2026/06/08 1:54 p.m.10 views

SUSE-SU-2026:2300-1 Security update for mutt

This update for mutt fixes the following issues - CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. - CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. - CVE-2026-43861: missing check for \0 in urlpctdecode...

3.7CVSS5.5AI score0.00201EPSS
Exploits0References14
Amazon
Amazon
added 2026/06/08 12:0 a.m.13 views

Medium: perl-XML-LibXML

Issue Overview: XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adjace...

7.5CVSS5.5AI score0.00629EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.15 views

EulerOS Virtualization 2.10.1 : libpng (EulerOS-SA-2026-2025)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with...

8.3CVSS5.8AI score0.00955EPSS
Exploits8References6
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.13.1 : libpcap (EulerOS-SA-2026-2134)

According to the versions of the libpcap package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8...

1.9CVSS5.5AI score0.00102EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.10 views

CVE-2026-44927

A flaw was found in uriparser. This vulnerability involves pointer difference truncation, where calculations involving memory addresses are incorrectly shortened. This could lead to minor data integrity issues within the application. Exploitation of this flaw requires local access to the system a...

5.3CVSS4.8AI score0.00211EPSS
Exploits0References4
Rows per page
Query Builder