59 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 6 views

Astra Linux – Vulnerability in Apache2

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match(), especially when an extremely large input buffer is used. Although no code distributed with the server can be forced to make such a call, third-party modules or Lua scripts that us...

CVSS: 9.1, AI score: 7, EPSS: 0.05729
Exploits: 0, References: 2

Mageia
added 2026/06/10 5:7 a.m., 12 views

Updated libssh packages fix security vulnerabilities

CVE-2025-4877 Write beyond bounds in binary to base64 conversion functions CVE-2025-4878 Use of uninitialized variable in privatekey_from_file() CVE-2025-5318 Likely read beyond bounds in sftp server handle management CVE-2025-5351 Double free in functions exporting keys CVE-2025-5372 ssh_kdf() returns ...

CVSS: 8.8, AI score: 6.2, EPSS: 0.02394
Exploits: 0, References: 2

RedhatCVE
added 2026/06/05 7:51 p.m., 10 views

CVE-2021-26380

A compromised Trusted OS TOS driver could issue a malformed call that could potentially allow memory access outside the intended range resulting in loss of integrity...

CVSS: 1.8, AI score: 5.5, EPSS: 0.00102
Exploits: 0, References: 1

Tenable Nessus
added 2026/05/19 12:0 a.m., 11 views

RHEL 9 : libssh (RHSA-2026:18683)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18683 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...

CVSS: 8.2, AI score: 5.8, EPSS: 0.00582
Exploits: 0, References: 25

OSV
added 2026/05/19 12:0 a.m., 14 views

ALSA-2026:18683 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Double Free Vulnerability in libssh Key Export Functions CVE-2025-5351 libssh: Use of uninitialized variable in privatekey_from_file() CVE-2025-4878 libssh: Write...

CVSS: 8.2, AI score: 7.2, EPSS: 0.00582
Exploits: 0, References: 22

Positive Technologies
added 2026/05/07 12:0 a.m., 15 views

PT-2026-38486

A read of pixels was coded as modifying coordinates to lie within the image bounds. It would calculate a coordinate by adding a constant to an input and taking the minimum of the resulting coordinate and 'dimension - 1'. This would not protect against malicious inputs that could overflow the...

CVSS: 6.9, AI score: 5.9
Exploits: 0, References: 3

CVE
added 2026/04/24 12:25 p.m., 19 views

CVE-2026-5367

CVE-2026-5367 : A flaw in OVN (Open Virtual Network) allows a remote attacker to trigger an out-of-bounds read in ovn-controller by sending crafted DHCPv6 SOLICIT packets with an inflated Client ID length. This can disclose sensitive heap memory to the attacker’s VM port. Connected sources consis...

CVSS: 8.6, AI score: 5.2, EPSS: 0.00868
Exploits: 0, References: 14

CNVD
added 2026/04/16 12:0 a.m., 7 views

Google Chrome XR Memory Misreference Vulnerability

Google Chrome is a web browser developed by Google. Google Chrome suffers from a memory misreference vulnerability. The vulnerability stems from a memory object misreference in the XR component of the Android version and can be exploited by an attacker to perform an out-of-bounds memory read via ...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00269
Exploits: 0

RedHat Linux
added 2026/02/25 7:1 p.m., 3 views

kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing

A flaw was found in the Linux kernel's USB core configuration parsing. Specifically, the usb_parse_ss_endpoint_companion() function incorrectly checks the descriptor type before its length, which can lead to reading data beyond the intended buffer. This out-of-bounds read vulnerability could allow a...

CVSS: 7.1, AI score: 5.8, EPSS: 0.00164
Exploits: 0, References: 5

RedHat Linux
added 2026/01/21 1:39 p.m., 2 views

libpng: LIBPNG heap buffer overflow

A buffer overflow flaw has been discovered in libpng. There is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read() when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated...

CVSS: 7.1, AI score: 5.9, EPSS: 0.00224
Exploits: 4, References: 9

AstraLinux
added 2025/11/01 10:54 a.m., 4 views

Astra Linux – Vulnerability in apt

The vulnerability in the PackageFromTask function of Apt, the program for installing, updating, and removing software packages, is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to cause service failures...

CVSS: 5.5, AI score: 5.9
Exploits: 0, References: 2

OSV
added 2025/08/14 9:26 a.m., 2 views

SUSE-SU-2025:20557-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-5372: ssh_kdf() returns a success code on certain failures bsc1245314 - CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 - CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...

CVSS: 8.8, AI score: 6.9, EPSS: 0.02394
Exploits: 0, References: 13

Tenable Nessus
added 2025/08/13 12:0 a.m., 2 views

SUSE SLES12 Security Update : libssh (SUSE-SU-2025:02755-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02755-1 advisory. - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. - CVE-2025-4878: Fixed use of uninitialized...

CVSS: 8.1, AI score: 6.6, EPSS: 0.02394
Exploits: 0, References: 10

SUSE Linux
added 2025/07/04 4:2 p.m., 3 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in...

CVSS: 7.6, AI score: 6.8, EPSS: 0.02394
Exploits: 0, References: 16

OSV
added 2025/07/04 4:2 p.m., 1 view

SUSE-SU-2025:02229-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-5318: Fixed likely read beyond bounds in sftp server handle management bsc1245311. - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. - CVE-2025-4878: Fixed use of uninitialized variable in...

CVSS: 8.8, AI score: 7.3, EPSS: 0.02394
Exploits: 0, References: 9

BDU FSTEC
added 2025/06/30 12:0 a.m., 10 views

The vulnerability in the LLVM Toolchain development tools, related to reading data beyond the buffer boundary, allows an attacker to trigger a service failure.

The vulnerability of the LLVM Toolchain development tools is related to reading data beyond the allowed buffer size. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS: 5.5, AI score: 6.1, EPSS: 0.00218
Exploits: 0, References: 6, Affected Software: 3

BDU FSTEC
added 2025/06/09 12:0 a.m., 5 views

The vulnerability of the acpi_nfit_ctl() function in the drivers/acpi/nfit/core.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the acpi_nfit_ctl() function in the drivers/acpi/nfit/core.c file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS: 7.1, AI score: 7.1, EPSS: 0.00535
Exploits: 0, References: 21, Affected Software: 7

RedhatCVE
added 2025/05/23 2:54 a.m., 5 views

CVE-2023-0201

NVIDIA DGX-2 SBIOS contains a vulnerability in Bds, where a user with high privileges can cause a write beyond the bounds of an indexable resource, which may lead to code execution, denial of service, compromised integrity, and information disclosure...

CVSS: 6.7, AI score: 7, EPSS: 0.00204
Exploits: 0, References: 1

BDU FSTEC
added 2025/03/06 12:0 a.m., 10 views

Vulnerability of the hypervisor in VMware ESXi, VMware Workstation, VMware Fusion, the virtualization platform VMware Cloud Foundation, the telecommunications cloud platform VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure—related to reading beyond the allowed range in memory, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of VMware ESXi, VMware Workstation, VMware Fusion, the virtualization platform VMware Cloud Foundation, the telecommunications cloud platform VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure is related to reading data beyond the allowed range in memory...

CVSS: 7.1, AI score: 7.8, EPSS: 0.01676
Exploits: 0, References: 2, Affected Software: 2

BDU FSTEC
added 2025/02/12 12:0 a.m., 5 views

The vulnerability in macOS operating systems, related to reading data beyond the allowed range of memory, allows an attacker to disclose sensitive information that is protected by security measures.

The vulnerability of macOS operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can lead to the disclosure of protected information...

CVSS: 5.5, AI score: 5.4, EPSS: 0.00249
Exploits: 0, References: 3, Affected Software: 1