Lucene search
K

244 matches found

CVE
CVE
added last week11 views

CVE-2026-21379

CVE-2026-21379 describes a memory corruption (buffer over-read) issue in Windows Compute caused by allocating memory with sizes that exceed the maximum allowed value. The CVSS 3.1 metrics indicate a high impact on confidentiality, integrity, and availability (C:H, I:H, A:H) with a local attack ve...

7.8CVSS6AI score0.0007EPSS
Exploits0References1Affected Software1
CVE
CVE
added last week15 views

CVE-2026-55646

CVE-2026-55646 (vLLM) affects vLLM versions 0.22.0–0.23.0. The routes /v1/audio/transcriptions and /v1/audio/translations call request.file.read() to fully materialize an uploaded audio file before enforcing the documented size limit (default 25 MB). This can cause the server to allocate memory p...

6.5CVSS6AI score0.00289EPSS
Exploits0References3Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:12 a.m.6 views

thunderbolt: Clamp XDomain response data copy to allocation size

...

7.8CVSS5.8AI score0.00145EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.6 views

SUSE CVE-2026-53148

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

7CVSS5.8AI score0.00145EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53148

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

7.8CVSS0.00145EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53148

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

7CVSS5.7AI score0.00145EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53148

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

7.8CVSS5.7AI score0.00145EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.32 views

CVE-2026-53148 thunderbolt: Clamp XDomain response data copy to allocation size

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

0.00145EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39239

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

5.7AI score0.00145EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:38 a.m.26 views

CVE-2026-53148

The CVE affects the Linux kernel Thunderbolt driver (tb_xdp_properties_request) where per-packet copy length is derived from the response header without bounds checking against the allocated data buffer, causing a potential out-of-bounds memcpy and memory corruption. The issue can lead to denial ...

7.8CVSS5.7AI score0.00145EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc call for capinfo-phys in eficapsulesetupinfo uses sizeofphysaddrt instead of...

6.2AI score0.00195EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:29 p.m.4 views

EUVD-2026-38915

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc call for capinfo-phys in eficapsulesetupinfo uses sizeofphysaddrt instead of sizeofphysaddrt, which might be causing an undersized allocation. The...

6AI score0.00195EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-53047

CVE-2026-53047 affects the Linux kernel’s efi/capsule-loader. The vulnerability arises from a mis-sized allocation in __efi_capsule_setup_info(): the krealloc() for cap_info->phys uses sizeof(phys_addr_t *) instead of sizeof(phys_addr_t). This can produce an undersized allocation, inconsistent...

6AI score0.00195EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52959

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

5.8AI score0.00093EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/24 8:16 a.m.9 views

CVE-2026-52934

In the Linux kernel, the following vulnerability has been resolved: batman-adv: tvlv: reject oversized TVLV packets batadvtvlvcontainerogmappend builds a TVLV packet section from the tvlv.containerlist. The total size of this section is computed by batadvtvlvcontainerlistsize, which sums the size...

8.8CVSS0.00247EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51941

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An undersized allocation occurs in the efi capsule setup info function due to the use of sizeofphys addr t instead of sizeofphys addr t during a krealloc call for the cap info-phys...

6.2AI score0.00195EPSS
Exploits0References17
Oracle linux
Oracle linux
added 2026/06/23 12:0 a.m.5 views

freerdp security update

2:2.11.7-7.3 - Lock appWindow to fix use-after-free in RAIL mode CVE-2026-25952 Resolves: RHEL-159860 2:2.11.7-7.2 - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in bitmapcacheput CVE-2026-29775 - Add D...

9.8CVSS6.4AI score0.00599EPSS
Exploits7
CVE
CVE
added 2026/06/15 4:22 p.m.33 views

CVE-2026-6045

CVE-2026-6045 : In LibreOffice, importing EMF+ graphics can trigger a heap buffer overflow in the gradient brush import. The file’s gradient blend points are read to compute an allocation size, and an overflow can occur when multiplying that count, causing a small buffer to be filled as if it wer...

6.9CVSS5.6AI score0.0012EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 3:41 p.m.42 views

CVE-2026-46281 vmalloc: fix buffer overflow in vrealloc_node_align()

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

0.0014EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/20 4:52 p.m.10 views

CVE-2026-44636

A flaw was found in libsixel. A signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater than zero, with no upper bound. width and height are multiplied as...

7.8CVSS6.2AI score0.00104EPSS
Exploits0References2
Rows per page
Query Builder