Lucene search
K

4189 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40658

Uninitialized Use in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00271EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 12:16 a.m.5 views

CVE-2026-54500

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory and, for long keys, reads out of bounds when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surfac...

5.3CVSS0.00197EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/30 11:8 p.m.5 views

CVE-2026-54500

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory and, for long keys, reads out of bounds when parsing a JSON object whose key is 254 bytes or longer. The interned bytes can surfac...

5.3CVSS5.9AI score0.00197EPSS
Exploits0
CVE
CVE
added 2026/06/30 11:8 p.m.25 views

CVE-2026-54500

Oj (Optimized JSON) is a Ruby gem for JSON parsing/ marshalling. Affects versions prior to 3.17.3 where Oj.load in mode :object reads uninitialized stack memory when a JSON object has a long key (254+ bytes). In ext/oj/intern.c, form_attr() passes an uninitialized stack buffer to rb_intern3(), ca...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 5:31 p.m.9 views

CVE-2026-53029

A flaw was found in the Linux kernel's ntfs3 filesystem driver. This vulnerability occurs due to an uninitialized local variable lcn when handling zero-length data during I/O operations. An attacker could potentially exploit this flaw to cause a denial of service or information disclosure due to...

5.8AI score0.00172EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 9:39 a.m.6 views

CVE-2026-53218

A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs in the nftexthdr module when handling user-controlled data lengths with a specific flag, NFTEXTHDRFPRESENT, enabled. An attacker could exploit this by providing a crafted input, leading to the exposure of...

7CVSS5.8AI score0.00128EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 1:26 a.m.9 views

CVE-2026-53263

A flaw was found in the Linux kernel's 6lowpan component. An off-by-one error during multicast context address compression can lead to the transmission of uninitialized kernel stack memory over the network. This vulnerability results in information disclosure, potentially allowing an attacker to...

5.5CVSS5.8AI score0.00172EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.4 views

CVE-2026-52985

A flaw was found in the Linux kernel's netdevsim module. An uninitialized memory vulnerability exists in the handling of struct iphdr within a dummy skbuff due to the use of skbput instead of skbputzero. This could lead to unpredictable system behavior, including crashes Denial of Service, or...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.4 views

CVE-2026-52989

A flaw was found in the nvmet-tcp component of the Linux kernel. The nvmettcpbuildpduiovec function fails to propagate errors when detecting out-of-bounds PDU lengths or offsets. This can lead to uninitialized memory being used by subsequent operations, such as reading incoming network data into ...

9.8CVSS6.1AI score0.00342EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 5:47 p.m.7 views

CVE-2026-53225

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, truncated ASCONF Address Configuration chunk. This can cause the system to read up to 16 bytes of...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 1:16 p.m.7 views

CVE-2026-40210

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 12:23 p.m.30 views

CVE-2026-40210 Out-of-bounds read in SetMacAddrAction

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 12:23 p.m.5 views

EUVD-2026-39349

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS5.9AI score0.00336EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 12:23 p.m.5 views

CVE-2026-40210

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS5.8AI score0.00336EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:39 a.m.21 views

CVE-2026-53225

The CVE-2026-53225 entry describes a Linux kernel SCTP vulnerability in __sctp_rcv_asconf_lookup() where an unauthenticated peer can send a truncated ASCONF chunk; the code may read 16 bytes of uninitialized memory past the address parameter when the chunk’s length is misdeclared. Affected compon...

9.1CVSS5.7AI score0.00544EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.27 views

CVE-2026-53225 sctp: fix uninit-value in __sctp_rcv_asconf_lookup()

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS0.00544EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39316

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

5.7AI score0.00544EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.4 views

PT-2026-52320

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where the sctp rcv asconf lookup function in net/sctp/input.c fails to properly validate the length of an ASCONF chunk. The function verifies i...

9.1CVSS5.9AI score0.00544EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/06/24 3:36 p.m.6 views

CVE-2026-52937

A flaw was found in the Linux kernel's tap driver. This vulnerability allows an attacker to potentially disclose sensitive kernel stack memory contents to userspace. The flaw occurs in the tapioctl function when handling the SIOCGIFHWADDR command, where uninitialized portions of a stack-allocated...

5.5CVSS5.7AI score0.00154EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in GIMP

GIMP PGM File Parsing: Uninitialized Memory Causes Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or...

8.8CVSS7.6AI score0.00972EPSS
Exploits0References3
Rows per page
Query Builder