Lucene search
+L

866 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: gso: Fixed a panic that occurred when using a fraglist with mixed head allocation types. Since the commit 3dcbdb134f32 “net: gso: Fixed an error in skbsegment when splitting a gsosize mangled skb having linear-headed...

5.5CVSS6.1AI score0.00166EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: pagepool: Always add GFPNOWARN for ATOMIC allocations. Driver authors often forget to include GFPNOWARN when allocating pages from the datapath. This is annoying for users, as OOM Out-of-Memory conditions are common. We can expec...

6.1AI score0.00167EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: Fixed a use-after-free issue with devmspialloc. We cannot rely on the contents of the devres list during spiunregistercontroller, as the list is already cleared when we call devmspireleasecontroller. This causes devices...

7.8CVSS5.9AI score0.00245EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: A memory leak was fixed in lpfccreateport. The commit 5e633302ace1 “scsi: lpfc: vmid: Added support for VMID in the mailbox command” introduced allocations for the VMID resources in lpfccreateport after the call to...

5.8AI score0.00198EPSS
Exploits0References1
mscve
mscve
added 2026/05/16 8:4 a.m.18 views

PostgreSQL server undersizes allocations, via integer wraparound

...

8.8CVSS5.8AI score0.00668EPSS
Exploits0
osv
osv
added 2026/05/14 3:16 p.m.8 views

UBUNTU-CVE-2026-44216

Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is...

7.5CVSS6AI score0.00319EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/14 1:0 p.m.77 views

CVE-2026-6473 PostgreSQL server undersizes allocations, via integer wraparound

Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...

8.8CVSS0.00668EPSS
Exploits0References1
cve
cve
added 2026/05/14 1:0 p.m.71 views

CVE-2026-6473

CVE-2026-6473 affects PostgreSQL server features where integer wraparound can cause undersized allocations and write out-of-bounds. An unprivileged database user could potentially execute arbitrary code as the OS user running the database, or trigger segmentation faults with gigabyte-scale inputs...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References31Affected Software1
ptsecurity
ptsecurity
added 2026/05/12 12:0 a.m.13 views

PT-2026-40334

Name of the Vulnerable Software and Affected Versions Exim versions 4.97 through 4.99.2 Description A use-after-free issue exists in the BDAT body parsing path of Exim when compiled with GnuTLS. The flaw is triggered when a client sends a TLS close notify alert during a CHUNKING transfer before t...

10CVSS6.5AI score0.01225EPSS
Exploits2References123
susecve
susecve
added 2026/05/09 2:43 a.m.14 views

SUSE CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References14
susecve
susecve
added 2026/05/09 2:41 a.m.11 views

SUSE CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.7AI score0.00127EPSS
Exploits0References3
euvd
euvd
added 2026/05/07 9:30 p.m.23 views

EUVD-2026-28423

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

5.8AI score0.00784EPSS
Exploits0References5
osv
osv
added 2026/05/07 8:16 p.m.5 views

DEBIAN-CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/05/07 8:16 p.m.18 views

CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References7
osv
osv
added 2026/05/07 8:16 p.m.7 views

UBUNTU-CVE-2026-39820

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.8AI score0.00784EPSS
Exploits0References8
cvelist
cvelist
added 2026/05/07 7:41 p.m.59 views

CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

0.00784EPSS
Exploits0References4
osv
osv
added 2026/05/07 7:41 p.m.2 views

CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

7.5CVSS5.9AI score0.00784EPSS
Exploits0References20
snyk
snyk
added 2026/05/07 4:26 a.m.10 views

Allocation of Resources Without Limits or Throttling

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the Buffer.alloc family in lib/setup-sandbox.js. An attacker can crash t...

8.7CVSS5.8AI score0.00424EPSS
Exploits1References2
nvd
nvd
added 2026/05/06 12:16 p.m.7 views

CVE-2026-43245

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

7.5CVSS0.00441EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/05/06 11:28 a.m.8 views

CVE-2026-43245

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

7.5CVSS5.7AI score0.00441EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder