Lucene search
K

1167 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: x86-android-tablets: Devices are unregistered in reverse order. Not all subsystems support the removal of a device when there are still consumers referencing that device. One example is the regulator subsystem. If a...

5.5CVSS5.9AI score0.00288EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/19 7:54 p.m.9 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the skipGroup function. An attacker can cause a service crash by sending a crafted protobuf payload with a negative length in a length-delimited field inside a group, leading to an unchecked runtime...

8.7CVSS5.8AI score0.00055EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/19 7:54 p.m.10 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the skipGroup function. An attacker can cause a service crash by sending a crafted protobuf payload with a negative length in a length-delimited field inside a group, leading to an unchecked runtime...

8.7CVSS5.8AI score0.00055EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/19 7:54 p.m.4 views

ai.pipestream:account-manager (=0.0.22), ai.pipestream:account-service (>=0.0.2 <=0.0.18) +413 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime-jvm (>=3.0.0-alpha03 <=5.3.3)

com.squareup.wire:wire-runtime-jvm MAVEN version =3.0.0-alpha03, =0.0.2, =0.1.1, =0.2.7, =0.2.7, =0.2.7, =0.1.1, =0.2.7, =0.7.21, =0.7.21, =0.7.21, =0.1.7, =0.1.31 and more Source cves: CVE-2026-45799 Source advisory: OSV:GHSA-7XPR-HC2W-34M9...

5.7AI score0.00055EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/19 7:54 p.m.16 views

ai.looktech.ltrpc.schema:app-server (>=1.0.2 <=2.7.0), ai.looktech.ltrpc.schema:bt-app (=1.0.1) +493 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime (>=1.0.0 <=6.2.0)

com.squareup.wire:wire-runtime MAVEN version =1.0.0, =1.0.2, =1.0.2, =0.0.1, =0.0.2, =0.1.1, =0.2.7, =0.2.7, =0.2.7, =0.1.1, =0.2.7, =0.7.21, =0.7.21, =0.7.26 and more Source cves: CVE-2026-45799 Source advisory: OSV:GHSA-7XPR-HC2W-34M9...

5.7AI score0.00055EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/19 7:54 p.m.4 views

ai.looktech.ltrpc.schema:app-server (>=2.0.0 <=2.7.0), ai.looktech.ltrpc.schema:bt-server (>=2.0.0 <=2.7.0) +49 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime (>=6.0.0-alpha01 <=6.2.0)

com.squareup.wire:wire-runtime MAVEN version =6.0.0-alpha01, =2.0.0, =2.0.0, =1.5.0-alpha05, =1.5.0-alpha05, =1.5.0-alpha05, =1.0.0-alpha06, =2.0.0-alpha04, =2026.03.19.180705-f87ffc7, =2026.03.19.180705-f87ffc7, =2026.03.19.180705-f87ffc7, =2026.03.19.180705-f87ffc7, =2026.03.19.180705-f87ffc7,...

5.7AI score0.00055EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/19 7:54 p.m.4 views

com.squareup.wire:com.squareup.wire.gradle.plugin (>=7.0.0-alpha01 <=7.0.0-alpha02), com.squareup.wire:wire-compiler (>=7.0.0-alpha01 <=7.0.0-alpha02) +11 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime-jvm (>=7.0.0-alpha01 <=7.0.0-alpha02)

com.squareup.wire:wire-runtime-jvm MAVEN version =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha02 Source...

5.4AI score0.00055EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/19 7:54 p.m.6 views

ai.looktech.ltrpc.schema:app-server-android (>=2.0.0 <=2.7.0), ai.looktech.ltrpc.schema:app-server-jvm (>=2.0.0 <=2.7.0) +110 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime-jvm (>=6.0.0-alpha01 <=6.2.0)

com.squareup.wire:wire-runtime-jvm MAVEN version =6.0.0-alpha01, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =1.5.0-alpha05, =1.5.0-alpha05, =1.5.0-alpha05, =1.5.0-alpha05, =1.5.0-alpha05, =2.0.0-alpha04, =2.0.0-alpha04, =2.0.0-alpha04, =2026.03.26.140500-911435f, =2026.03.26.140500-911435f,...

5.4AI score0.00055EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/19 7:54 p.m.5 views

com.squareup.wire:wire-grpc-client (>=7.0.0-alpha01 <=7.0.0-alpha02), com.squareup.wire:wire-schema (>=7.0.0-alpha01 <=7.0.0-alpha02) +1 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime (>=7.0.0-alpha01 <=7.0.0-alpha02)

com.squareup.wire:wire-runtime MAVEN version =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha02 Source cves: CVE-2026-45799 Source advisory: SNYK:JAVA-COMSQUAREUPWIRE-16771313...

5.4AI score0.00055EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/19 7:54 p.m.5 views

com.squareup.wire:wire-grpc-client (>=7.0.0-alpha01 <=7.0.0-alpha02), com.squareup.wire:wire-schema (>=7.0.0-alpha01 <=7.0.0-alpha02) +1 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime (>=7.0.0-alpha01 <=7.0.0-alpha02)

com.squareup.wire:wire-runtime MAVEN version =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha01, =7.0.0-alpha02 Source cves: CVE-2026-45799 Source advisory: OSV:GHSA-7XPR-HC2W-34M9...

5.4AI score0.00055EPSS
Exploits0
OSV
OSV
added 2026/05/19 7:54 p.m.8 views

GHSA-7XPR-HC2W-34M9 Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service

CVE-2026-45799 Maintainer summary Wire's protobuf group-skipping logic did not reject negative lengths before skipping a length-delimited field inside a group. A crafted protobuf payload could cause Wire to throw an unchecked runtime exception during decoding instead of the documented IOException...

7.5CVSS5.8AI score0.00055EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/05/19 7:54 p.m.13 views

Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service

CVE-2026-45799 Maintainer summary Wire's protobuf group-skipping logic did not reject negative lengths before skipping a length-delimited field inside a group. A crafted protobuf payload could cause Wire to throw an unchecked runtime exception during decoding instead of the documented IOException...

5.8AI score0.00055EPSS
Exploits0References4Affected Software2
RedHat Linux
RedHat Linux
added 2026/05/19 1:29 p.m.9 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow flaw has been discovered in FreeRDP. In affected versions RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array...

9.8CVSS5.9AI score0.00662EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.10 views

PT-2026-42032

CVE-2026-45799 Maintainer summary Wire's protobuf group-skipping logic did not reject negative lengths before skipping a length-delimited field inside a group. A crafted protobuf payload could cause Wire to throw an unchecked runtime exception during decoding instead of the documented IOException...

7.5CVSS5.8AI score0.00055EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.13 views

PT-2026-41958

Name of the Vulnerable Software and Affected Versions go-git versions prior to v5 Description The SSH transport in go-git constructs the remote exec command by wrapping the repository path in single quotes but fails to escape single quotes embedded within that path. This allows a repository path...

9.6CVSS5.9AI score0.00813EPSS
Exploits0References50
OSV
OSV
added 2026/05/18 8:20 p.m.8 views

GHSA-J8P6-96VP-F3R9 OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages

Summary Malformed MongoDB wire messages can trigger uncaught panics in the MongoDB TCP parser, allowing a remote unauthenticated attacker to crash the telemetry agent and cause a denial of service. The parser operates on raw attacker-controlled network payloads before the input is fully validated...

7.5CVSS6AI score0.00462EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/18 4:22 p.m.16 views

iskorotkov/avro: Integer Overflow in Decoder

Integer Overflow in Avro Decoder Summary Several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets GOARCH=386, arm, mips,...

8.7CVSS7.2AI score0.00397EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.11 views

PT-2026-41799

Name of the Vulnerable Software and Affected Versions iskorotkov/avro versions prior to 2.33.0 github.com/hamba/avro/v2 versions prior to 2.32.0 Description Several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before...

8.7CVSS7.2AI score0.00397EPSS
Exploits0References4
Circl
Circl
added 2026/05/17 3:1 p.m.15 views

CVE-2025-15023

creationtimestamp| type| source ---|---|--- 2026-05-17 15:01:05+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mm2mvjiwjf2e...

8.8CVSS5.8AI score0.00216EPSS
Exploits0References1
Circl
Circl
added 2026/05/17 2:1 p.m.16 views

CVE-2026-42334

creationtimestamp| type| source ---|---|--- 2026-05-17 14:01:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mm2jkjeyun2z...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References1
Rows per page
Query Builder