Lucene search
K

3783 matches found

RedHat Linux
RedHat Linux
added 2026/05/26 9:26 a.m.16 views

glibc: glibc: Denial of Service via iconv() function with specific character sets

A flaw was found in glibc, the GNU C Library. A remote attacker could exploit this vulnerability by providing specially crafted inputs using the IBM1390 or IBM1399 character sets to the iconv function. This could lead to an assertion failure, causing the application to crash and resulting in a...

7.5CVSS5.8AI score0.00357EPSS
Exploits1References7
OSV
OSV
added 2026/05/25 9:16 p.m.9 views

DEBIAN-CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 9:16 p.m.16 views

CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS0.00274EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.14 views

CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References3
OSV
OSV
added 2026/05/25 9:16 p.m.15 views

UBUNTU-CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/25 8:19 p.m.9 views

CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References2
CVE
CVE
added 2026/05/25 8:19 p.m.56 views

CVE-2026-48852

PuTTY 0.71 before 0.84 is affected by an assertion failure in ECDSA signature verification (CVE-2026-48852). The public data specifies affected version range and impact but provides no remediation details in the documents. The CVSS v3.1 vector yields a LOW overall impact (availability loss) with ...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/25 8:19 p.m.23 views

CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References2
OSV
OSV
added 2026/05/25 7:35 a.m.5 views

CLSA-2026-1779579653 thunderbird: Fix of 4 CVEs

CVE-2024-0742: assertion failure in nsPresContext::UserInputEventsAllowed Document::SetIsInitialDocument sticky-bit - CVE-2025-2830: path traversal via malformed attachment filename in multipart message directory guard in MimePart.fetchAttachment + mimedrft.cpp - CVE-2025-3909: predictable...

8.1CVSS6.7AI score0.00596EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43124

Name of the Vulnerable Software and Affected Versions PuTTY versions 0.71 through 0.83 Description An assertion failure occurs during the ECDSA Elliptic Curve Digital Signature Algorithm signature verification process...

3.7CVSS5.4AI score0.00274EPSS
Exploits0References9
OSV
OSV
added 2026/05/20 1:16 p.m.8 views

ALPINE-CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/20 1:10 p.m.11 views

CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/20 1:10 p.m.10 views

CVE-2026-5946 Invalid handling of CLASS != IN

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/05/20 1:10 p.m.12 views

CVE-2026-5946

Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN — for example, CHAOS or HESIOD, or DNS messages that specify meta-classes ANY or NONE in the question section. Specially crafted requests reaching the affected code paths — recursio...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in bind9

In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions of BIND 9 Supported Preview Edition such as 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1, as well as the release version 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a...

6.5CVSS7.4AI score0.0594EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the race condition between balance operations and cancel/pause requests. Syzbot reported a panic that looked like this: Assertion failed: fsinfo-exclusiveoperation == BTRFSEXCLOPBALANCEPAUSED, in fs/btrfs/ioctl.c:465...

5.9AI score0.00155EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: jbd2: The assertion “jh-bfrozendata == NULL” failed when the journal was aborted. The following process will fail the assertion “jh-bfrozendata == NULL” in jbd2journaldirtymetadata: jbd2journalcommitTransaction; unlinkdir/a; jh-b...

5.5CVSS6.1AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 allows assertion failures and denial of service in dnamepktcopy due to an invalid packet. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be remotely or locally exploited...

7.5CVSS7.9AI score0.02128EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Redis

Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command specifically, a SET command. NOTE: this issue was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have any safety guarantees related to...

5.9CVSS6.5AI score0.01309EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a race condition between the async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after setting BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING:...

4.7CVSS6AI score0.00096EPSS
Exploits0References2
Rows per page
Query Builder