Lucene search
K

17 matches found

Cvelist
Cvelist
added 2026/04/30 7:58 a.m.38 views

CVE-2026-42512 Remotely triggerable out-of-bounds heap write in dhclient

As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorrectly calculates its new size when requesting memory, resulting in a heap buffer overrun. A specially crafted packet can cause dhclient to...

0.01423EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/09 8:29 p.m.3 views

CVE-2026-40093 nimiq-blockchain is missing a wall-clock upper bound on block timestamps

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In 1.3.0 and earlier, block timestamp validation enforces that timestamp = parent.timestamp for non-skip blocks and timestamp == parent.timestamp + MINPRODUCERTIMEOUT for skip blocks, but there is no visible upper...

8.1CVSS5.8AI score0.00314EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.7 views

GNOME localsearch 安全漏洞

GNOME localsearch is a file search engine developed under the GNU General Public License. GNOME localsearch has a security vulnerability, which stems from an error in length calculation during the MP3 Extractor tracker-extract-mp3 process. This error may lead to heap buffer overflows,...

5.9AI score0.00246EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.7 views

PT-2025-50956

Name of the Vulnerable Software and Affected Versions Malwarebytes version 1.0.14 Description The software does not correctly calculate signatures in certain situations, leading to a potential bypass of malware detection. Recommendations Update to a newer version that contains a fix for this...

3.3CVSS6.6AI score0.00182EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2025/11/03 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2025:1771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01467EPSS
Exploits1References5
CVE
CVE
added 2025/10/16 3:51 p.m.25 views

CVE-2025-62493

CVE-2025-62493 affects the QuickJS engine, specifically the BigInt string conversion path (js_bigint_to_string1). The root cause is an off-by-one error in the calculation of the number of digits (n_digits) needed for the string representation, which can cause memory reads beyond the allocated Big...

6.5CVSS6AI score0.00348EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-35903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emitpatch so it...

5.5CVSS5.8AI score0.0021EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: nvkm: The available space of the GSP cmdq buffer is calculated correctly. r535gspcmdqpush waits for an available page in the GSP cmdq buffer when handling a large RPC request. When it encounters at least one available page in...

5.5CVSS6.6AI score0.0018EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.11 views

The vulnerability of the dcn302_fpu_update_bw_bounding_box() function in the amdgpu kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dcn302fpuupdatebwboundingbox function in the drivers/gpu/drm/amd/display/dc/dml/dcn302/dcn302fpu.c file of the amdgpu kernel in the Linux operating system is related to incorrect calculation of the index. Exploiting this vulnerability may allow an attacker to compromise t...

7.8CVSS7.1AI score0.00246EPSS
Exploits0References11Affected Software3
RedHat Linux
RedHat Linux
added 2024/01/31 7:11 a.m.5 views

Mozilla: Potential permissions request bypass via clickjacking

The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...

8.8CVSS7.3AI score0.00837EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/08/03 1:57 p.m.7 views

Mozilla: Potential permissions request bypass via clickjacking

The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...

8.8CVSS7.2AI score0.00582EPSS
Exploits1References8
Code423n4
Code423n4
added 2022/10/23 12:0 a.m.12 views

Redemption weight of tiered NFTs miscalculates, making users redeem incorrect amounts - Bug #1

Lines of code Vulnerability details Description Redemption weight is a concept used in Juicebox to determine investor's eligible percentage of the non-locked funds. In redeemParams, JB721Delegate calculates user's share using: uint256 redemptionWeight = redemptionWeightOfdecodedTokenIds; uint256...

6.5AI score
Exploits0
OSV
OSV
added 2017/09/09 8:29 a.m.2 views

UBUNTU-CVE-2017-14227

In MongoDB libbson 1.7.0, the bsonitercodewscope function in bson-iter.c miscalculates a bsonutf8validate length argument, which allows remote attackers to cause a denial of service heap-based buffer over-read in the bsonutf8validate function in bson-utf8.c, as demonstrated by bson-to-json.c...

7.5CVSS7.3AI score0.02797EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/11/03 8:8 a.m.7 views

nettle: secp256 calculation bug

The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...

9.8CVSS5.8AI score0.02791EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/07/03 5:12 a.m.4 views

Mozilla: Out-of-bound read while computing an oscillator rendering range in Web Audio (MFSA 2015-62)

The AudioParamTimeline::AudioNodeInputValue function in the Web Audio implementation in Mozilla Firefox before 39.0 and Firefox ESR 38.x before 38.1 does not properly calculate an oscillator rendering range, which allows remote attackers to obtain sensitive information from process memory or caus...

5CVSS7.4AI score0.02741EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2012/10/09 12:0 a.m.4 views

PT-2012-5408 · Oracle +1 · Mysql Server +1

Name of the Vulnerable Software and Affected Versions: MySQL versions 5.0.88 and possibly other versions Description: The issue allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified DATA DIRECTORY or INDEX DIRECTORY arguments. These argument...

2.1CVSS6AI score0.00398EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2012/02/14 12:0 a.m.39 views

Ubuntu 11.10 : linux vulnerabilities (USN-1363-1)

A bug was discovered in the Linux kernel's calculation of OOM Out of memory scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. CVE-2011-4097 A flaw was found...

7.8CVSS6.7AI score0.20492EPSS
Exploits11References6
Rows per page
Query Builder