Lucene search
K

594 matches found

RedhatCVE
RedhatCVE
added 2026/07/05 3:15 p.m.6 views

CVE-2026-53362

A flaw was found in the Linux kernel's ipv6 networking subsystem. An incorrect parameter length calculation allows an attacker with permissions to create UDP sockets to trigger overwrites of kernel memory, potentially leading to privilege escalation, data corruption, or a system crash. Mitigation...

7.8CVSS5.9AI score0.00176EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.11 views

PT-2026-55811

Name of the Vulnerable Software and Affected Versions radareorg radare2 versions prior to 6.1.7 Description An integer overflow occurs in the r str ndup and r str append functions within the libr/util/str.c file. This issue requires local access to be exploited. Recommendations Apply the patch...

5.5CVSS5.9AI score0.00131EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:32 p.m.7 views

CVE-2026-53329

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as "capacity vector-structsize" using uint32t arithmetic, which can silently wrap to a small value on overflow. This...

6AI score0.00195EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/07/01 12:16 a.m.4 views

UBUNTU-CVE-2026-54903

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.load is vulnerable to heap corruption when parsing a JSON string longer than 2 GB. An integer overflow in bufappendstring buf.h:61 converts the string length to a large negative sizet,...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 6:16 p.m.16 views

CVE-2026-13592

A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is...

7.5CVSS0.00371EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/29 5:15 p.m.36 views

CVE-2026-13592 liftoff-sr CIPster EtherNet IP Message append out-of-bounds write

A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is...

7.5CVSS0.00371EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/06/29 5:15 p.m.7 views

CVE-2026-13592

A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References9
CVE
CVE
added 2026/06/29 5:15 p.m.13 views

CVE-2026-13592

The CVE-2026-13592 issue affects liftoff-sr CIPster (up to commit e8e9dba09bf56962807d3504b783ccdb6287f3e4). The vulnerability is in BufWriter::append within the EtherNet IP Message Handler, where manipulation can cause an out-of-bounds write. It allows remote exploitation, and public exploits ar...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/29 5:15 p.m.6 views

EUVD-2026-40156

A vulnerability was detected in liftoff-sr CIPster up to e8e9dba09bf56962807d3504b783ccdb6287f3e4. Affected by this issue is the function BufWriter::append of the component EtherNet IP Message Handler. Performing a manipulation results in out-of-bounds write. Remote exploitation of the attack is...

7.5CVSS6.7AI score0.00371EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/29 1:7 p.m.6 views

CVE-2026-53022

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...

7CVSS5.8AI score0.00172EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:43 p.m.6 views

CVE-2026-54679

A flaw was found in jq, a command-line JSON processor. On 32-bit systems, a local attacker could exploit an integer overflow vulnerability in the jvpstringappend function. This could lead to a massive buffer overrun, resulting in a denial of service DoS condition. Mitigation Mitigation for this...

6.9CVSS5.8AI score0.00103EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 5:16 p.m.7 views

EUVD-2026-39499

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS6AI score0.00103EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 5:16 p.m.34 views

CVE-2026-54679

CVE-2026-54679 affects the jq tool prior to version 1.8.2 on 32-bit systems. The vulnerability is in jvp_string_append where an integer overflow could trigger a massive buffer overrun, with a local attack vector and potential high impact on availability as described in the CVE. The issue is fixed...

6.9CVSS6AI score0.00103EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/25 5:16 p.m.2 views

CVE-2026-54679 jq: potential integer overflow in jvp_string_append

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS6.1AI score0.00103EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/25 5:16 p.m.8 views

CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS6AI score0.00103EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52519

Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description On 32-bit systems, the jvp string append function is susceptible to integer or multiplication overflow, which can lead to a significant buffer overrun. A buffer overrun occurs when a program writes more...

6.9CVSS5.9AI score0.00103EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53022 platform/x86: dell-wmi-sysman: bound enumeration string aggregation

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...

5.8AI score0.00172EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Python 3.11

When constructing nested elements using XMLDom.minidom methods like appendChild, which rely on clearidcache, the algorithm has a quadratic complexity. This can affect the availability of documents when they are constructed with excessively nested structures...

6.3CVSS6.7AI score0.00708EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.6 views

PT-2026-51887

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free flaw exists in the Transparent Inter-Process Communication TIPC module. The issue occurs within the tipc buf append function when it incorrectly handles memory after a sock...

9.8CVSS6.2AI score0.00351EPSS
Exploits0References89
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51916

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the populate enum data function within the dell-wmi-sysman module. The function aggregates firmware-provided value-modifier and possible-value strings into fixed...

6.2AI score0.00172EPSS
Exploits0References16
Rows per page
Query Builder