CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

96 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fixed the issue of null pointer dereferencing on the pointer csdesc. The pointer csdesc is returned from sndusbfindclocksource; this pointer may be null, resulting in a potential null pointer dereferencing issue...

5.5CVSS6.2AI score0.00009EPSS

Exploits0References2

CVE•added 2026/05/01 2:15 p.m.•3 views

CVE-2026-31776

CVE-2026-31776 affects the Linux kernel via ALSA ctxfi SPDIF1 handling. The issue occurs in daio_device_index() for SPDIF1 (hw20k2) where the index is not properly handled, leading to an out-of-bounds access. Affected code path is fixed upstream by returning the correct index, mirroring the hw20k...

7.8CVSS5.7AI score0.00017EPSS

Exploits0References2Affected Software1

Tenable Nessus•added 2026/04/21 12:0 a.m.•0 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007054)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007054 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need t...

7.8CVSS5.6AI score0.00024EPSS

Exploits0References4

CVE•added 2026/03/25 10:27 a.m.•5 views

CVE-2026-23318

CVE-2026-23318 affects the Linux kernel ALSA USB-audio UAC3 header validation. The validator table for UAC3 AC header descriptors used UAC_VERSION_2 instead of UAC_VERSION_3, so real UAC3 devices were not validated and could trigger out-of-bounds reads when the driver accesses unvalidated descrip...

7.1CVSS5.6AI score0.00022EPSS

Exploits0References8Affected Software1

ATTACKERKB•added 2026/01/23 2:58 a.m.•2 views

CVE-2026-0782

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS6.3AI score0.00383EPSS

Exploits0References2Affected Software1

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002556 advisory. In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces tha...

7.8CVSS6.8AI score0.00059EPSS

Exploits0References20

Zero Day Initiative•added 2026/01/09 12:0 a.m.•3 views

(0Day) ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the SCI module. The issue results from the lack of proper validation of a...

7.5CVSS7.6AI score0.00767EPSS

Exploits0

NVD•added 2025/10/29 2:15 p.m.•3 views

CVE-2025-40085

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer deference in trytoregistercard In trytoregistercard, the return value of usbifnumtoif is passed directly to usbinterfaceclaimed without a NULL check, which will lead to a NULL pointer dereference...

0.00087EPSS

Exploits0References6

OSV•added 2025/10/26 8:0 a.m.•2 views

RLSA-2025:18297 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors CVE-2025-39757 kernel: ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol CVE-2025-39751 kernel: crypto: seqiv - Handle...

7.1CVSS7AI score0.00022EPSS

Exploits0References4

RedhatCVE•added 2025/10/18 5:45 a.m.•1 views

CVE-2025-55098

In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in uxhostclassaudiodevicetypeget when parsing a descriptor of an USB audio device...

6.1CVSS6.8AI score0.00038EPSS

Exploits1References1

OSV•added 2025/10/17 6:15 a.m.•1 views

CVE-2025-55098

6.1CVSS5.5AI score0.00038EPSS

Exploits1References1

EUVD•added 2025/10/17 5:36 a.m.•1 views

EUVD-2025-34866

1CVSS6.3AI score0.00038EPSS

Exploits1References1

Vulnrichment•added 2025/10/17 5:36 a.m.•1 views

CVE-2025-55098 Potential out-of-bounds read in _ux_host_class_audio_device_type_get()

1CVSS6.5AI score0.00038EPSS

Exploits1References1

Cvelist•added 2025/10/17 5:36 a.m.•5 views

CVE-2025-55098 Potential out-of-bounds read in _ux_host_class_audio_device_type_get()

1CVSS0.00038EPSS

Exploits1References1

CNNVD•added 2025/10/17 12:0 a.m.•1 views

Eclipse ThreadX USBX 缓冲区错误漏洞

Eclipse ThreadX USBX is an open source USB host, device and mobile embedded stack for Eclipse ThreadX. A buffer error vulnerability exists in Eclipse ThreadX USBX versions prior to 6.4.3 that stems from a possible out-of-bounds read when parsing USB audio device descriptors...

6.1CVSS6.8AI score0.00038EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-2385

Malware in sbrugna...

10CVSS8.3AI score0.00388EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-29845

Malware in sbrugna...

5.5CVSS5.6AI score0.00063EPSS

Exploits0References5