Lucene search
+L

3186 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.11 views

CVE-2025-47408

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

7.8CVSS5.5AI score0.00075EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.11 views

CVE-2026-45740

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON and Namespace.addJSON. A crafted JSON descriptor with deeply nested namespace definitions...

7.5CVSS5.4AI score0.00263EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.11 views

CVE-2026-8466

Allocation of Resources Without Limits or Throttling vulnerability in ninenines cowboy allows denial of service via unbounded buffer accumulation in multipart header parsing. cowboyreq:readpart/3 in src/cowboyreq.erl accumulates incoming request bytes into a Buffer binary with no upper-bound chec...

8.2CVSS5.6AI score0.00382EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 12:16 p.m.15 views

CVE-2026-50264

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS0.00148EPSS
Exploits0References26
OSV
OSV
added 2026/06/05 12:16 p.m.8 views

UBUNTU-CVE-2026-50264

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.3AI score0.00148EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/05 10:36 a.m.10 views

EUVD-2026-34818

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.4AI score0.00148EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/05 10:36 a.m.79 views

CVE-2026-50264 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds heap write in dri2 drigetbuffers/drigetbufferswithformat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS0.00148EPSS
Exploits0References25
CVE
CVE
added 2026/06/05 10:36 a.m.49 views

CVE-2026-50264

CVE-2026-50264 concerns the X.Org X server and Xwayland. The flaw is an out-of-bounds heap write in DRIGetBuffers/DRIGetBuffersWithFormat when a client requests multiple DRI2BufferBackLeft attachments plus one DRI2BufferFrontLeft. This can crash the X server and may enable privilege escalation if...

7.8CVSS5.4AI score0.00148EPSS
Exploits0References26Affected Software3
Debian CVE
Debian CVE
added 2026/06/05 10:36 a.m.12 views

CVE-2026-50264

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS5.4AI score0.00148EPSS
Exploits0
Redos
Redos
added 2026/06/05 12:0 a.m.10 views

ROS-20260605-73-0082

The vulnerability in Firefox is related to the execution of operations outside the buffer in memory. The vulnerability can be exploited remotely...

7.5CVSS5.8AI score0.00433EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/06/04 9:13 p.m.19 views

USN-8390-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93235EPSS
Exploits31
OSV
OSV
added 2026/06/04 5:33 p.m.5 views

CVE-2026-48040 netty-incubator-codec-ohttp's Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access

The netty incubator codec.bhttp is a java language binary http parser. The library implements Oblivious HTTP RFC 9458 using BoringSSL's HPKE C library via JNI. When deriving native memory addresses for cryptographic operations versions prior to 0.0.22.Final provide a fallback path for direct...

8.8CVSS6.1AI score0.00174EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:50 p.m.8 views

CVE-2026-46267

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

5.7AI score0.00121EPSS
Exploits0References8Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/03 10:1 a.m.14 views

CVE-2026-25260

Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...

7.8CVSS5.8AI score0.00052EPSS
Exploits0References1
OSV
OSV
added 2026/06/03 7:2 a.m.21 views

OPENSUSE-SU-2026:20896-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes...

5.5AI score
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.21 views

PT-2026-46002

Mercusys AC12G EU V1 with firmware AC12GEU V1 200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...

4.3CVSS5.9AI score0.00166EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/03 12:0 a.m.20 views

EUVD-2026-34153

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...

4.3CVSS5.9AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

Mercusys AC12G 安全漏洞

The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability arises from returning uninitialized internal buffer contents when HTTP POST requests are sent to an undefined pat...

4.3CVSS5.6AI score0.00159EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/06/02 8:42 a.m.14 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 Font Alias Stack-based Buffer Overflow. bsc1266294 GLX ChangeDrawableAttributes Out-Of-Bounds...

5.8AI score
Exploits0References18
OSV
OSV
added 2026/06/02 8:40 a.m.8 views

SUSE-SU-2026:2221-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes...

5.8AI score
Exploits0References10
Rows per page
Query Builder