Lucene search
K

1973 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/07/06 1:23 p.m.9 views

Security Bulletin: Multiple Vulnerabilities in IBM Bob

Summary Multiple vulnerabilities were addressed in IBM Bob V 2.0 Vulnerability Details CVEID:CVE-2026-41676 DESCRIPTION: rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it...

9.8CVSS7.8AI score0.00412EPSS
Exploits1Affected Software1
CVE
CVE
added 2026/07/03 8:57 p.m.49 views

CVE-2026-14355

The CVE-2026-14355 issue affects PHP 8.2.x before 8.2.32, 8.3.x before 8.3.32, 8.4.x before 8.4.23, and 8.5.x before 8.5.8. It is caused by a buffer allocation flaw in the AES-WRAP-PAD algorithm within the OpenSSL extension, where the output buffer for AES key-wrap-with-padding is sized from plai...

5.6CVSS6.1AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/03 6:29 p.m.15 views

CVE-2026-58379

The CVE-2026-58379 vulnerability affects GIMP 's Paint Shop Pro (PSP) file format parser. It is a heap buffer overflow caused by incorrect buffer size calculations when processing low bit-depth PSP images , which can lead to arbitrary code execution or DoS when a user opens a crafted image. The p...

7.3CVSS6.7AI score0.00233EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55578

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...

7.3CVSS6.6AI score0.00233EPSS
Exploits0References12
EUVD
EUVD
added 2026/07/02 12:31 a.m.8 views

EUVD-2026-41218

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 10:16 p.m.7 views

CVE-2026-36911

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00111EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.38 views

CVE-2026-36911

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00111EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 12:0 a.m.13 views

CVE-2026-36911

Summary of CVE-2026-36911 (MPC-BE) : A division-by-zero vulnerability exists in the file parsing/processing path: the function CStreamSwitcherOutputPin::DecideBufferSize in MPC-BE (before commit 4341cb3). This can be triggered by a crafted MP4 file, leading to a Denial of Service . Affected softw...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:7 a.m.8 views

drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size

...

7.8CVSS5.8AI score0.00143EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.14 views

PT-2026-53065

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The CONS HISTORY ioctl handler fails to properly validate the requested history size. Providing a large value leads to an integer overflow during the buffer size...

7.8CVSS5.9AI score0.00107EPSS
Exploits0References8
OSV
OSV
added 2026/06/26 8:17 p.m.4 views

UBUNTU-CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/26 8:4 p.m.8 views

CVE-2026-52972

A flaw was found in the Linux kernel's afalg cryptography module. This vulnerability involves an arithmetic overflow when processing associated data lengths during the transmit buffer size check. A remote attacker could exploit this flaw by providing a specially crafted associated data length,...

7CVSS6AI score0.0014EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 10:50 a.m.10 views

CVE-2026-53183

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. This vulnerability occurs because the TCP stack independently manages the TCP-level receive window, which can lead to an artificial inflation of the MPTCP receive window. A remote attacker could exploit this by sending...

7.5CVSS6AI score0.00506EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.7 views

SUSE CVE-2026-53137

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...

6AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.7 views

SUSE CVE-2026-53216

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer mvpp2 has short and long BM pools, and short pool buffers can be smaller than PAGESIZE. The XDP path nevertheless initializes every xdpbuff with PAGESIZE as frame size. XDP helper...

9.8CVSS5.9AI score0.00546EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/06/26 12:0 a.m.3 views

The vulnerability of the net/batman-adv/bat_iv_ogm.c module in the Linux operating system allows a hacker to trigger a system failure during maintenance operations.

The vulnerability of the net/batman-adv/bativogm.c module in the Linux operating system is related to incorrect calculations of buffer size. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.1AI score0.00121EPSS
Exploits0References13Affected Software2
Cvelist
Cvelist
added 2026/06/25 8:11 p.m.23 views

CVE-2026-6681 PKCS#7 decode ignores caller output buffer size, writing past buffer bounds

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

1CVSS0.00256EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:11 p.m.6 views

CVE-2026-6681

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

1CVSS6AI score0.00256EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 8:11 p.m.14 views

CVE-2026-6681

CVE-2026-6681 describes a buffer overflow in wolfSSL up to 5.9.0 caused by the PKCS#7 decode path ignoring the caller-supplied output buffer size (outputSz). Decoded data can be written past the provided buffer, potentially affecting confidentiality and integrity. The issue is fixed in wolfSSL 5....

5.3CVSS6AI score0.00256EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/25 6:19 p.m.6 views

CVE-2026-52959

A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...

7.8CVSS6AI score0.00093EPSS
Exploits0References4
Rows per page
Query Builder