
253640 matches found

OSV
added 2026/05/09 12:33 p.m. | 8 views

OESA-2026-2260 editorconfig security update

EditorConfig makes it easy to maintain the correct coding style when switching between different text editors and between different projects. The EditorConfig project maintains a file format and plugins for various text editors which allow this file format to be read and used by those editors...

8.6 CVSS | 6 AI score | 0.00151 EPSS
Exploits 0 | References 2

Microsoft CVE
added 2026/05/09 8:4 a.m. | 9 views

Gnutls: gnutls: denial of service via heap buffer overflow in dtls handshake fragment reassembly

...

7.5 CVSS | 5.8 AI score | 0.01263 EPSS
Exploits 0

SUSE CVE
added 2026/05/09 2:42 a.m. | 7 views

SUSE CVE-2026-43125

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

5.5 CVSS | 6.1 AI score | 0.00411 EPSS
Exploits 0 | References 3

Vulnrichment
added 2026/05/09 12:43 a.m. | 10 views

CVE-2026-6665 PgBouncer buffer overflow in SCRAM

The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat correctly when building the contents of the SCRAM client-final-message. A malicious backend that sends a SCRAM server-final-message with a long nonce can trigger a stack overflow...

8.1 CVSS | 6 AI score | 0.00372 EPSS
Exploits 0 | References 1

CVE
added 2026/05/09 12:43 a.m. | 24 views

CVE-2026-6665

PgBouncer: CVE-2026-6665 concerns the SCRAM code before 1.25.2, where the return value of strlcat() is not checked when building SCRAM client-final-message. A malicious SCRAM server-final-message with a long nonce can trigger a stack overflow in the backing process. Affected product is PgBouncer;...

9.8 CVSS | 6 AI score | 0.00372 EPSS
Exploits 0 | References 1 | Affected Software 1

Positive Technologies
added 2026/05/09 12:0 a.m. | 14 views

PT-2026-39309

Name of the Vulnerable Software and Affected Versions smallbitvec affected versions not specified Description An integer overflow occurs during the internal capacity calculation within the buffer lencap function. When the cap variable is close to usize::MAX, unchecked arithmetic causes the value ...

7.3 CVSS | 6 AI score | 0.00151 EPSS
Exploits 0 | References 6

RedhatCVE
added 2026/05/08 7:26 p.m. | 15 views

CVE-2026-43341

A flaw was found in the Linux kernel's IPv6 In-situ Operations, Administration, and Maintenance IOAM6 trace fill functionality. An integer overflow vulnerability exists in the ioam6filltracedata function, where the schema length calculation can wrap around due to being stored in an 8-bit unsigned...

9.8 CVSS | 5.9 AI score | 0.00409 EPSS
Exploits 0 | References 4

RedhatCVE
added 2026/05/08 6:46 p.m. | 10 views

CVE-2026-43304

A flaw was found in the libceph component of the Linux kernel. This vulnerability occurs when the kernel processes authentication keys, specifically in the processauthdone function, where it fails to properly enforce a maximum length for key material. An attacker could exploit this by providing a...

9.8 CVSS | 6 AI score | 0.00502 EPSS
Exploits 0 | References 4

EUVD
added 2026/05/08 6:31 p.m. | 12 views

EUVD-2026-28785

nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recvreadregistersres in nanomodbus.c. When a client calls nmbsreadholdingregisters or nmbsreadinputregisters, the library writes register data from the server response to the caller-provided buffer based on the response's bytecount...

8.2 CVSS | 6.4 AI score | 0.00639 EPSS
Exploits 0 | References 4

EUVD
added 2026/05/08 6:31 p.m. | 10 views

EUVD-2026-28786

An issue was discovered in kosma minmea 0.3.0. The minmeascan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmeascan on untrusted input are vulnerable to a stack buffer overflow...

7.5 CVSS | 6.1 AI score | 0.00307 EPSS
Exploits 0 | References 3

Snyk
added 2026/05/08 6:29 p.m. | 7 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the minmeascan function. An attacker can execute arbitrary code or cause a denial of service by supplying specially crafted NMEA input that leads to copying data into a buffer without proper size...

8.7 CVSS | 6.3 AI score | 0.00307 EPSS
Exploits 0 | References 2

GithubExploit
added 2026/05/08 6:11 p.m. | 189 views

Exploit for Stack-based Buffer Overflow in Dronecode Px4_Drone_Autopilot

CTT-Enhanced-PX4-Autopilot-Exploit-CVE-2026-32743 CVE-2026-327...

6.5 CVSS | 6.3 AI score | 0.00365 EPSS
Exploits 3

NVD
added 2026/05/08 4:16 p.m. | 13 views

CVE-2026-29974

An issue was discovered in kosma minmea 0.3.0. The minmeascan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmeascan on untrusted input are vulnerable to a stack buffer overflow...

7.5 CVSS | 0.00307 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2026/05/08 2:21 p.m. | 5 views

CVE-2026-43380

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...

6 AI score | 0.00143 EPSS
Exploits 0 | References 8 | Affected Software 1

NVD
added 2026/05/08 2:16 p.m. | 24 views

CVE-2026-41509

CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open caused by an underflow of the integer mlen. This issue has been patched via commit fc6b7e7...

9.8 CVSS | 0.0034 EPSS
Exploits 0 | References 2

Vulnrichment
added 2026/05/08 1:47 p.m. | 13 views

CVE-2026-41509 Integer underflow in crypto_sign_open() leads to buffer overflow

CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open caused by an underflow of the integer mlen. This issue has been patched via commit fc6b7e7...

6.9 CVSS | 6 AI score | 0.0034 EPSS
Exploits 0 | References 2

CVE
added 2026/05/08 1:47 p.m. | 13 views

CVE-2026-41509

The CVE-2026-41509 entry concerns the CROSS implementation of the CROSS post-quantum signature algorithm. A buffer overflow in crypto_sign_open() was caused by an underflow of the length field (mlen) before commit fc6b7e7. This underflow vulnerability could enable an overflow during signature ver...

9.8 CVSS | 6 AI score | 0.0034 EPSS
Exploits 0 | References 2 | Affected Software 1

ATTACKERKB
added 2026/05/08 1:47 p.m. | 9 views

CVE-2026-41509

CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open caused by an underflow of the integer mlen. This issue has been patched via commit fc6b7e7...

6.9 CVSS | 6 AI score | 0.0034 EPSS
Exploits 0 | References 3

Cvelist
added 2026/05/08 1:47 p.m. | 29 views

CVE-2026-41509 Integer underflow in crypto_sign_open() leads to buffer overflow

CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open caused by an underflow of the integer mlen. This issue has been patched via commit fc6b7e7...

6.9 CVSS | 0.0034 EPSS
Exploits 0 | References 2

EUVD
added 2026/05/08 1:47 p.m. | 14 views

EUVD-2026-28598

CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open caused by an underflow of the integer mlen. This issue has been patched via commit fc6b7e7...

6.9 CVSS | 6 AI score | 0.0034 EPSS
Exploits 0 | References 2