Lucene search
K

83 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-47995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImageAllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of...

6.5CVSS6.6AI score0.00725EPSS
Exploits0References3
NVD
NVD
added 2025/08/14 9:15 a.m.7 views

CVE-2025-54472

Unlimited memory allocation in redis protocol parser in Apache bRPC all versions 1.14.1 on all platforms allows attackers to crash the service via network. Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers re...

7.5CVSS0.01198EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-57258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdifft ...

7.8CVSS7.7AI score0.00233EPSS
Exploits0References2
OSV
OSV
added 2025/07/25 4:15 p.m.1 views

DEBIAN-CVE-2025-38463

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...

5.5CVSS5.7AI score0.00146EPSS
Exploits0References1
OSV
OSV
added 2025/07/03 9:15 a.m.1 views

DEBIAN-CVE-2025-38162

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc-fieldlen maximum value is U8MAX multiplied by...

5.5CVSS5.5AI score0.00138EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/07/03 9:15 a.m.7 views

CVE-2025-38162

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc-fieldlen maximum value is U8MAX multiplied by...

5.5CVSS5.1AI score0.00138EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/03/03 3:15 p.m.2 views

DEBIAN-CVE-2024-45780

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...

6.7CVSS6.5AI score0.00262EPSS
Exploits0References1
OSV
OSV
added 2025/02/28 3:33 p.m.6 views

OESA-2025-1210 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: An integer overflow in sqfsinodesize in Das U-Boot before 2025.01-rc1 occurs in the symlink siz...

7.8CVSS7.3AI score0.00365EPSS
Exploits0References7
OSV
OSV
added 2025/02/26 1:56 a.m.12 views

CVE-2022-49292 ALSA: oss: Fix PCM OSS buffer allocation overflow

In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INTMAX overflow at vmalloc allocation that is called from sndpcmplugalloc. Although we apply the restrictions to input parameters, it's based only...

7.8CVSS5.7AI score0.00267EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2025/02/20 2:33 p.m.1 views

SUSE CVE-2024-45780

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...

6.4CVSS6.9AI score0.00262EPSS
Exploits0References12
OSV
OSV
added 2025/02/18 6:0 p.m.5 views

UBUNTU-CVE-2024-45780

A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...

6.7CVSS5.9AI score0.00262EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/12/13 12:30 a.m.4 views

SUSE CVE-2024-47606

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

7.8CVSS8.2AI score0.01344EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2024/09/08 3:2 a.m.4 views

SUSE CVE-2023-52910

In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In allocandinsertiovarange, there is an issue that retrypfn overflows. The value of iovad-anchor.pfnhi is 0UL, then when iovad-cachednode is iovad-anchor, curriova-pfnhi + 1 will overflo...

5.5CVSS6.4AI score0.00236EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2024/08/05 7:0 a.m.3 views

A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

...

8.2CVSS7AI score0.00834EPSS
Exploits1
Amazon
Amazon
added 2024/04/01 12:0 a.m.13 views

Important: kernel

Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 In the Linux kernel, the following vulnerability has been...

7.8CVSS7.5AI score0.02224EPSS
Exploits3
Amazon
Amazon
added 2024/04/01 12:0 a.m.13 views

Important: kernel

Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 In the Linux kernel, the following vulnerability has been...

7.8CVSS6.7AI score0.02224EPSS
Exploits2
OSV
OSV
added 2023/10/27 11:6 a.m.1 views

OESA-2023-1770 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in drivers/usb/storage/eneub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.CVE-2023-45862...

5.5CVSS8.2AI score0.00282EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2023/10/20 7:0 a.m.3 views

An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.

...

5.5CVSS7AI score0.00282EPSS
Exploits0
CNNVD
CNNVD
added 2023/10/14 12:0 a.m.2 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 6.2.5, which stems from a problem with the card reader driver, where objects may go beyond the end of their...

5.5CVSS6.5AI score0.00282EPSS
Exploits0References8
NVD
NVD
added 2023/05/08 5:15 p.m.41 views

CVE-2023-30837

Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8...

7.5CVSS7.4AI score0.00697EPSS
Exploits1References2
Rows per page
Query Builder