Lucene search
K

113 matches found

CVE
CVE
added 6 days ago8 views

CVE-2026-53138

The CVE affects the Linux kernel’s drm/amd/display path. A malformed VBIOS image could cause unbounded iteration during probe due to for(;;) record-chain walks in bios_parser.c/bios_parser2.c, terminating only on a 0xFF sentinel or a zero record_size. In worst cases, this could loop hundreds of t...

5.7AI score0.00168EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in PostgresSQL 11

A flaw was discovered in PostgreSQL versions prior to 13.3, before 12.7, before 11.12, before 10.17, and before 9.6.22. When modifying certain SQL array values, missing bounds checks allow authenticated database users to write arbitrary bytes into a wide range of server memory. The greatest threa...

8.8CVSS7.4AI score0.0199EPSS
Exploits0References2
OSV
OSV
added 2026/06/15 7:56 p.m.3 views

GHSA-HPCV-96WG-7VJ8 DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks

Cross-realm INPLACE sanitization leaves executable markup intact via realm-bound instanceof checks CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-50...

6.1CVSS5.8AI score0.00055EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/05 4:51 p.m.8 views

CVE-2026-45290 Cloudburst Network has DoS in RakNet connection handling due to missing bound checks

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR3-20260417.085727-30 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to exploit a vulnerability in Network to stal...

7.5CVSS5.5AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 4:51 p.m.32 views

CVE-2026-45290 Cloudburst Network has DoS in RakNet connection handling due to missing bound checks

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR3-20260417.085727-30 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to exploit a vulnerability in Network to stal...

7.5CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 4:51 p.m.19 views

CVE-2026-45290

Cloudburst Network: A vulnerability in versions prior to 1.0.0.CR3-20260417.085727-30 affects the Network component and can stall the Netty event loop, rendering affected software inoperable. Impact is availability-focused (HIGH) with no confidentiality or integrity impact per the cited metrics. ...

7.5CVSS5.5AI score0.00278EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:24 a.m.7 views

CVE-2026-45843

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

5.8AI score0.00278EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/19 5:0 a.m.52 views

CVE-2026-8813

This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing, ExifReader repeatedly processes the same record and appends entries to an array without sufficien...

8.7CVSS0.00528EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/15 2:47 a.m.7 views

CVE-2023-31317

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

8.8CVSS6.2AI score0.00104EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of upper-bound checks on user input in the amdgpuuserqsignalioctl function. This...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References2
OSV
OSV
added 2026/04/20 2:7 p.m.5 views

OPENSUSE-SU-2026:20571-1 Security update for go1.26

This update for go1.26 fixes the following issues: - Update to version go1.26.2 bsc1255111. - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. - CVE-2026-27144:...

9.8CVSS5.9AI score0.00658EPSS
Exploits0References21
OSV
OSV
added 2026/04/18 8:42 a.m.9 views

BIT-GOLANG-2026-27143 Missing bound checks can lead to memory corruption in safe Go in cmd/compile

Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...

9.8CVSS5.8AI score0.00536EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/04/14 12:0 a.m.9 views

CVE-2026-34003

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.7AI score0.0025EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 1:6 a.m.3 views

CVE-2026-27143 Missing bound checks can lead to memory corruption in safe Go in cmd/compile

Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...

5.9AI score0.00536EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/08 1:6 a.m.21 views

CVE-2026-27143 Missing bound checks can lead to memory corruption in safe Go in cmd/compile

Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...

0.00536EPSS
Exploits0References4
OSV
OSV
added 2026/04/07 10:53 p.m.6 views

GO-2026-4868 Missing bound checks can lead to memory corruption in safe Go in cmd/compile

Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...

9.8CVSS5.9AI score0.00536EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by improper bounds checking, which may lead to out-of-bound reads...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-52534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity. CVE-2025-52534 No...

5.3CVSS5.6AI score0.00297EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.5 views

PT-2025-49082

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to out-of-bounds read access within the qede tpa cont and qede tpa end functions. The loops in these functions iterate over the cqe-len list...

6.1AI score0.00173EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/11/25 5:25 p.m.4 views

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

7.3CVSS5.9AI score0.00273EPSS
Exploits0References5
Rows per page
Query Builder