Lucene search
+L

676 matches found

redhatcve
redhatcve
added 2026/07/08 8:19 p.m.5 views

CVE-2026-55999

A flaw was found in the glamorfontget function of the xorg-x11-server. This vulnerability, a heap buffer overflow, occurs when the server processes a specially crafted PCF font file where individual glyph metrics exceed the declared maximum bounds. An authenticated X client can exploit this by...

8.5CVSS6.7AI score0.00212EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/06 4:26 p.m.39 views

CVE-2026-40257 OP-TEE has SHA-3 accelerated finalize heap overflow

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...

5.5CVSS0.00109EPSS
Exploits0References1
cve
cve
added 2026/07/06 4:26 p.m.16 views

CVE-2026-40257

CVE-2026-40257 affects OP-TEE (Trusted Execution Environment) for Cortex-A with TrustZone. From versions 3.21.0 up to, but not including, 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one error that can cause a massive heap overflow, corrupting all TEE kernel me...

5.5CVSS6AI score0.00109EPSS
Exploits0References1Affected Software1
mssecure
mssecure
added 2026/06/30 7:0 p.m.10 views

Accelerating the quantum-safe timeline

The quantum-safe timeline has changed For years, planning for post-quantum cryptography PQC was framed as a future problem: important, inevitable, but distant. That perspective is evolving as technology advances and organizations prepare for the scale and complexity of the transition ahead. At...

6AI score
Exploits0
attackerkb
attackerkb
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

6AI score0.00153EPSS
Exploits0References5Affected Software1
debiancve
debiancve
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53171

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

8.8CVSS5.9AI score0.00137EPSS
Exploits0
euvd
euvd
added 2026/06/25 8:38 a.m.6 views

EUVD-2026-39262

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

6AI score0.00137EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than are present in the FIFO. The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
ossf
ossf
added 2026/06/17 4:26 a.m.10 views

Malicious code in gpu-accelerator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab0d6b253674f5eef505fbffb76003d2071569fd9d8abdf8993197738bb27759 The package advertises itself as a PostCSS plugin for CSS hardware-acceleration hints, but its only legitimate behavior is a 3-line walkDecls that ad...

6.2AI score
Exploits0References7
nessus
nessus
added 2026/06/06 12:0 a.m.10 views

EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-2058)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

7.5CVSS5.9AI score0.00844EPSS
Exploits1References8
nessus
nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.1 : openssl (EulerOS-SA-2026-2142)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

7.5CVSS6.8AI score0.00844EPSS
Exploits1References8
redhatcve
redhatcve
added 2026/06/05 7:17 p.m.12 views

CVE-2026-33662

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...

7.5CVSS5.7AI score0.00403EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:15 p.m.11 views

CVE-2026-42781

When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel TMM resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.1CVSS5.5AI score0.00177EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:13 p.m.12 views

CVE-2026-40618

When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to...

8.7CVSS5.5AI score0.00324EPSS
Exploits0References1
susecve
susecve
added 2026/05/28 4:1 a.m.15 views

SUSE CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
susecve
susecve
added 2026/05/28 3:55 a.m.13 views

SUSE CVE-2026-45931

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...

5.8AI score0.00173EPSS
Exploits0References3
wizblog
wizblog
added 2026/05/27 4:3 p.m.12 views

Evidence at the Moment of Attack. Answers at AI Speed.

Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams...

5.8AI score
Exploits0
euvd
euvd
added 2026/05/27 3:33 p.m.16 views

EUVD-2026-32215

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...

5.8AI score0.00173EPSS
Exploits0References4
nvd
nvd
added 2026/05/27 2:17 p.m.16 views

CVE-2026-45931

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...

7.8CVSS0.00173EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46060

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References6
Rows per page
Query Builder