Lucene search
K

60 matches found

OSV
OSV
added 2026/06/24 2:0 p.m.3 views

UBUNTU-CVE-2026-9547

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/24 8:0 a.m.9 views

CURL-CVE-2026-9547 SSH improper host validation

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

5.9AI score
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed the off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value. However, eadata is located at offset sizeofstruct smb2filefulleainfo = 8 from ea, not ...

7.1CVSS6.2AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 6:35 p.m.12 views

EUVD-2026-37520

A path traversal in the SFTP provider SFTPHook.retrievedirectory / SFTPOperatoroperation=get let a malicious or compromised remote SFTP server write files outside the configured local destination directory via crafted directory-entry names. No Airflow account is required — the attack surface is a...

9.1CVSS5.4AI score0.00626EPSS
Exploits0References4
OSV
OSV
added 2026/06/17 6:35 p.m.4 views

GHSA-QF38-JQ28-3CCQ Apache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory

A path traversal in the SFTP provider SFTPHook.retrievedirectory / SFTPOperatoroperation=get let a malicious or compromised remote SFTP server write files outside the configured local destination directory via crafted directory-entry names. No Airflow account is required — the attack surface is a...

9.1CVSS5.4AI score0.00626EPSS
Exploits0References5
RustSec
RustSec
added 2026/06/12 12:0 p.m.8 views

Panic on a `DataRow` with fewer fields than columns allows denial of service

A malicious or compromised server can send a row containing fewer fields than its row description declares columns. Reading one of the missing columns then panics with an out-of-bounds index, aborting the calling task. This affects even the otherwise non-panicking tryget, and both Row and...

5.3AI score
Exploits0Affected Software1
OSV
OSV
added 2026/06/12 12:0 p.m.11 views

RUSTSEC-2026-0178 Panic on a `DataRow` with fewer fields than columns allows denial of service

A malicious or compromised server can send a row containing fewer fields than its row description declares columns. Reading one of the missing columns then panics with an out-of-bounds index, aborting the calling task. This affects even the otherwise non-panicking tryget, and both Row and...

6.9CVSS5.4AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/10 10:0 p.m.7 views

kernel: smb: client: fix OOB reads parsing symlink error response

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...

8.1CVSS6.7AI score0.00378EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/04 3:55 p.m.7 views

kernel: smb: client: fix OOB reads parsing symlink error response

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...

8.1CVSS5.8AI score0.00378EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/20 3:35 p.m.14 views

OpenTofu: Excessive resource usage in "tofu init" when installing dependencies from attacker-controlled server

Impact Unauthenticated denial of service. Summary When installing provider or module packages from attacker-controlled servers, the server may cause tofu initto enter an infinite loop sending garbage data to that server. Those who depend on modules or providers served from untrusted third-party...

7.5CVSS6.4AI score0.00781EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/05 8:9 p.m.3 views

GHSA-98QH-XJC8-98PQ pgjdbc: Unbounded PBKDF2 iterations in SCRAM authentication allows CPU exhaustion DoS

Summary pgjdbc is vulnerable to a client-side denial of service during SCRAM-SHA-256 authentication. Impact A malicious server can instruct the driver to perform SCRAM authentication with a very large iteration count. With a large enough value, the client spends an unbounded amount of CPU time...

7.5CVSS5.8AI score0.0077EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.4 views

SUSE CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

7.1CVSS5.4AI score0.00126EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/04/24 8:32 p.m.4 views

CVE-2026-31614

A flaw was found in the Linux kernel's Server Message Block SMB client. An untrusted server can exploit an out-of-bounds read vulnerability within the checkwsleas function. This flaw allows the server to read up to 8 bytes beyond the intended memory boundary, leading to information disclosure. Th...

7.1CVSS5.2AI score0.00126EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/24 8:16 p.m.5 views

CVE-2026-31613

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...

8.1CVSS5.1AI score0.00378EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/24 2:42 p.m.4 views

EUVD-2026-25507

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

5.4AI score0.00126EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-34966

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SMB client within the check wsl eas function. A bounds check incorrectly uses the base pointer of the extended attribute EA instead of the ea data field, which is...

9.8CVSS5.8AI score0.00444EPSS
Exploits0References337
Debian CVE
Debian CVE
added 2026/04/22 9:33 a.m.6 views

CVE-2026-33600

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.9CVSS5.2AI score0.00523EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/26 3:33 p.m.6 views

CVE-2026-28295

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the...

4.3CVSS5.7AI score0.00186EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.8 views

TP-LINK Tapo 安全漏洞

TP-LINK Tapo is a series of secure Wi-Fi cameras produced by TP-LINK Corporation. TP-LINK Tapo has a security vulnerability, which stems from issues with the certificate verification logic. This vulnerability may allow applications to accept identities of servers that are untrusted or not properl...

8.1CVSS5.8AI score0.00224EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/02/10 9:11 a.m.6 views

libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption...

8.6CVSS6.7AI score0.00947EPSS
Exploits0References5
Rows per page
Query Builder