Lucene search
K

141 matches found

OSV
OSV
added 2026/06/24 4:28 p.m.4 views

CVE-2026-52956 libceph: Fix potential out-of-bounds access in __ceph_x_decrypt()

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field of this struct is accessed. This happens without any guarantee that t...

7.5CVSS5.9AI score0.00359EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.11 views

EulerOS Virtualization 2.12.1 : expat (EulerOS-SA-2026-2073)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...

7.8CVSS5.8AI score0.00193EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:35 a.m.9 views

CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00128EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The validation of the request buffer size was added in smb2allocaterspbuf. The response buffer should be allocated in smb2allocaterspbuf before validation of the request. However, fields within the payload as well as the...

7.8CVSS6AI score0.00234EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/08 1:11 p.m.34 views

CVE-2026-43304 libceph: define and enforce CEPH_MAX_KEY_LEN

In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPHMAXKEYLEN When decoding the key, verify that the key material would fit into a fixed-size buffer in processauthdone and generally has a sane length. The new CEPHMAXKEYLEN check replaces the existin...

9.8CVSS0.00502EPSS
Exploits0References7
OSV
OSV
added 2026/05/08 5:46 a.m.6 views

BIT-JRE-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gstwavparsesmplchunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...

9.1CVSS7.1AI score0.01161EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.5 views

CVE-2026-43206

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

5.9AI score0.00139EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-38026

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst wavparse smpl chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer...

9.1CVSS6.7AI score0.01161EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.34 views

CVE-2026-43048 HID: core: Mitigate potential OOB by removing bogus memset()

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

8.8CVSS0.00241EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 2:15 p.m.7 views

EUVD-2026-26647

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

5.9AI score0.00241EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.8 views

PT-2026-36465

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the HID core where the memset function within hid report raw event attempts to clear data by zeroing the area between the end of the incoming data string and the assumed...

8.8CVSS6.7AI score0.00415EPSS
Exploits0References169
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.6 views

SUSE CVE-2026-31631

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce...

8.2CVSS5.7AI score0.00385EPSS
Exploits0References3
OSV
OSV
added 2026/04/24 3:16 p.m.7 views

DEBIAN-CVE-2026-31631

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce...

8.2CVSS5.5AI score0.00385EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.5 views

CVE-2026-31612

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength in smb2getea smb2getea reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length without verifying that the length of the name really is the size of t...

7.5CVSS0.00415EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/24 2:44 p.m.5 views

EUVD-2026-25524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce...

5.6AI score0.00385EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.17 views

PT-2026-34964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, the smb2 get ea function reads the EaNameLength variable from a client request and passes it to strncmp as the comparison length without verifying if the name length...

9.8CVSS5.2AI score0.00525EPSS
Exploits0References351
SUSE CVE
SUSE CVE
added 2026/04/23 1:26 a.m.17 views

SUSE CVE-2026-31432

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

8.8CVSS5.8AI score0.00507EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2026/04/22 12:0 a.m.4 views

The vulnerability of the libpng library, related to copying buffers without checking the size of the input data, allows a hacker to cause a service failure.

The vulnerability of the libpng library lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6AI score0.00139EPSS
Exploits1References6Affected Software4
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There is a security vulnerability in Qualcomm Chipsets, which stems from the lack of size verification when accessing the output buffer during the IOCTL processing of the camera sensor driver. This...

7.8CVSS5.9AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from the lack of size verification when accessing the output buffer during IOCTL processing, potentially leading to memory...

7.8CVSS5.9AI score0.00077EPSS
Exploits0References1
Rows per page
Query Builder