CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account f...

5.5CVSS0.00021EPSS

Exploits0References10

OSV•added 2025/07/28 11:22 a.m.•2 views

CVE-2025-38495 HID: core: ensure the allocated report buffer can contain the reserved report ID

5.5CVSS6.2AI score0.00021EPSS

Exploits0References13

RedhatCVE•added 2025/06/20 4:53 p.m.•2 views

CVE-2025-38061

In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgenthreadwrite Honour the user given buffer size for the strnlen calls otherwise strnlen will access memory outside of the user given buffer...

6.7CVSS7.5AI score0.00081EPSS

Exploits0References4

Positive Technologies•added 2025/06/19 12:0 a.m.•1 views

PT-2025-26227

Name of the Vulnerable Software and Affected Versions HDF5 versions up to 1.14.6 Description A critical issue has been found, affecting the H5FS sect find node function of the file H5FSsection.c, leading to a heap-based buffer overflow. The attack can be launched on the local host. Recommendation...

5.3CVSS5.4AI score0.00146EPSS

Exploits1References19

OSV•added 2025/06/18 11:3 a.m.•2 views

CVE-2022-50159 of: check previous kernel's ima-kexec-buffer against memory bounds

In the Linux kernel, the following vulnerability has been resolved: of: check previous kernel's ima-kexec-buffer against memory bounds Presently imagetkexecbuffer doesn't check if the previous kernel's ima-kexec-buffer lies outside the addressable memory range. This can result in a kernel panic i...

5.5CVSS7.1AI score0.00065EPSS

Exploits0References7

RedhatCVE•added 2025/05/22 7:5 p.m.•5 views

CVE-2021-1969

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...

6.2CVSS7AI score0.00035EPSS

Exploits0References1

CVE•added 2025/05/06 8:32 a.m.•62 views

CVE-2025-21460

CVE-2025-21460 describes memory corruption in a Qualcomm chipset-based automotive software platform built on QNX. The vulnerability occurs while processing a message where a buffer is controlled by a Guest VM, allowing the value to be changed continuously and potentially triggering corruption. CV...

7.8CVSS8AI score0.00068EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/01/21 12:18 p.m.•11 views

CVE-2024-57943 exfat: fix the new buffer was not zeroed before writing

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a bufferhead marked as new, its data must be zeroed, otherwise uninitialized data in the page cache will be written. So this commit uses foliozeronewbuffe...

0.00072EPSS

Exploits0References2

RedhatCVE•added 2024/08/08 5:45 p.m.•14 views

CVE-2024-42237

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Validate payload length before processing block Move the payload length check in csdspload and csdspcoeffload to be done before the block is processed. The check that the length of a block payload does not exceed...

5.5CVSS7.5AI score0.00033EPSS

Exploits0References4

OSV•added 2024/07/16 12:25 p.m.•23 views

CVE-2022-48853 Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""

In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMAFROMDEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. A short description of what happens follows: 1 The test case issues a command code 00 TEST UNIT READY...

5.5CVSS6.5AI score0.0002EPSS

Exploits0References20

Cvelist•added 2024/05/30 3:29 p.m.•20 views

CVE-2024-36934 bna: ensure the copied buf is NUL terminated

In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is terminated...

7.3AI score0.00011EPSS

Exploits0References8

Positive Technologies•added 2023/07/18 12:0 a.m.•2 views

PT-2023-11654 · Unknown · Advancemame

Name of the Vulnerable Software and Affected Versions: AdvanceMAME versions through 2.1 Description: The issue is a heap-based buffer over-read in the png convert 4 function, located in the pngex.cc file. This occurs in AdvanceMAME. Recommendations: For AdvanceMAME versions through 2.1, update to...

7.1CVSS6.7AI score0.00032EPSS

Exploits1References6

Github Security Blog•added 2022/06/16 11:38 p.m.•14 views

`Read` on uninitialized buffer in `fill_buf()` and `read_up_to()`

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...

6.8AI score

Exploits0References3Affected Software1

Cvelist•added 2021/08/27 3:25 p.m.•13 views

CVE-2021-36530

ngiflib 0.4 has a heap overflow in GetByteStr at ngiflib.c:108 in NGIFLIBNOFILE mode, GetByteStr copy memory buffer without checking the boundary...

9.2AI score0.00352EPSS

Exploits1References1