Lucene search
K

199 matches found

OSV
OSV
added 2026/03/10 6:34 p.m.2 views

SUSE-SU-2026:20716-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. bsc1255400 - CVE-2026-0665: Fixed PIRQ bounds check in xenphysdevmappirq. bsc1256484...

6.5CVSS5.8AI score0.00143EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/07 12:0 a.m.5 views

SUSE SLED15: qemu / qemu-SLOF / qemu-accel-qtest / qemu-accel-tcg-x86 / qemu-arm / etc (SUSE-SU-2026:0832-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0832-1 advisory. Security issue: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Non security issues: -...

5.5CVSS6.8AI score0.00137EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

TencentOS Server 4: qemu (TSSA-2026:0110)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0110 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/03/05 4:38 p.m.6 views

Security update for qemu

This update for qemu fixes the following issues: Security issue: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Non security issues: hw/virtio: Also include md stubs in case CONFIGVIRTIOPCI is not set jscPED-14271. s390x/pv: prepare for memory devices jscPED-14271...

6.8CVSS5.8AI score0.00137EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.7 views

openSUSE 15: qemu / qemu-SLOF / qemu-accel-qtest / qemu-accel-tcg-x86 / qemu-arm / etc (SUSE-SU-2026:0662-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0662-1 advisory. - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of...

6.5CVSS6.8AI score0.00143EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2026/03/02 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2026:0662-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6AI score0.00143EPSS
Exploits0References5
OSV
OSV
added 2026/02/26 4:27 p.m.7 views

GO-2026-4534 Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation in github.com/gofiber/fiber/v3

Fiber is Vulnerable to Denial of Service via Flash Cookie Unbounded Allocation in github.com/gofiber/fiber/v3...

7.5CVSS5.4AI score0.00396EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/25 11:43 p.m.22 views

CVE-2026-27710 NanaZip .NET Single-File Parser Integer Underflow Leads to Unbounded Allocation (DoS)

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, a denial-of-service vulnerability exists in NanaZip’s .NET Single File Application parser. A crafted bundle can force an integer underflow in header-size calculation and trigger...

5.1CVSS0.00129EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/24 9:11 p.m.2 views

CVE-2026-25899

Fiber is an Express inspired web framework written in Go. In versions on the v3 branch prior to 3.1.0, the use of the fiberflash cookie can force an unbounded allocation on any server. A crafted 10-character cookie value triggers an attempt to allocate up to 85GB of memory via unvalidated msgpack...

7.5CVSS5.8AI score0.00396EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/18 8:47 p.m.43 views

CVE-2025-14876

CVE-2025-14876 affects the virtio-crypto device in QEMU. The AKCIPHER path has a missing length limit, causing unbounded memory allocation and potential host DoS (QEMU process termination) via a malicious guest. Affected products include qemu/kvm; advisories from SUSE openSUSE and other vendors r...

5.5CVSS5.4AI score0.00137EPSS
Exploits0References2
NVD
NVD
added 2026/02/11 1:15 p.m.5 views

CVE-2025-54155

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

6.9CVSS0.0041EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:18 p.m.4 views

CVE-2025-54155

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

6.9CVSS5.6AI score0.0041EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/02/10 11:30 a.m.5 views

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

AlmaLinux 10 : osbuild-composer (ALSA-2026:1837)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1837 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

4.3CVSS5.6AI score0.00419EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

RHEL 10 : osbuild-composer (RHSA-2026:1837)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1837 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

4.3CVSS5.6AI score0.00419EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

RHEL 10 : image-builder (RHSA-2026:1838)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:1838 advisory. A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang:...

4.3CVSS5.6AI score0.00419EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.5 views

CVE-2025-58340

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/senddelts write operation, leading to kernel...

6.2CVSS5.6AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.5 views

CVE-2025-58342

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/uapsd write operation, leading to kernel memor...

6.2CVSS5.6AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.5 views

CVE-2025-58343

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/createtspec write operation, leading to kernel...

5.5CVSS5.6AI score0.00136EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.4 views

CVE-2025-58344

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/connlogeventbursttous write operation, leading to kernel memory...

6.2CVSS5.4AI score0.00152EPSS
Exploits0References1
Rows per page
Query Builder