Lucene search
+L

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/29 2:41 p.m.11 views

CVE-2026-58050

A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. Mitigation To mitigate this issue,ensure your applications are running strictly on 64-bit...

8.3CVSS5.9AI score0.00333EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 2:16 a.m.14 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS0.00333EPSS
Exploits0References3
OSV
OSV
added 2026/06/28 2:16 a.m.4 views

DEBIAN-CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

7.5CVSS6AI score0.00333EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/28 1:32 a.m.9 views

EUVD-2026-39970

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/28 1:32 a.m.7 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0
OSV
OSV
added 2026/05/29 1:42 p.m.10 views

CLSA-2026-1780062116 Fix CVE(s): CVE-2026-41035

SECURITY UPDATE: use-after-free in receivexattr - debian/patches/CVE-2026-41035.patch: replace stale local 'count' with tempxattr.count in the qsort call inside receivexattr, so the sort uses the live size of the rebuilt xattr items list; victim must run rsync with -X / --xattrs - CVE-2026-41035...

7.8CVSS5.8AI score0.00393EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.13 views

SUSE CVE-2026-46197

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.11 views

CVE-2026-46197

A flaw was found in the Linux kernel. A local attacker could exploit an out-of-bounds buffer access vulnerability in the AMDGPU kernel driver by providing a specially crafted attribute count during SVM ioctl operations. This improper validation could allow the attacker to cause a system crash,...

7.8CVSS5.9AI score0.00139EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.22 views

CVE-2026-46197

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...

7.8CVSS0.00139EPSS
Exploits0References7
NVD
NVD
added 2026/05/06 12:16 p.m.6 views

CVE-2026-43168

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

5.5CVSS0.00123EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.6 views

SAMSUNG Mobile Chipset 缓冲区错误漏洞

SAMSUNG Mobile Chipset is a series of chips from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5124, which stems from an incorrect checking of the number o...

9.8CVSS8.3AI score0.24266EPSS
Exploits0References4
Rows per page
Query Builder