Lucene search
K

18 matches found

CVE
CVE
added 2026/07/02 4:6 p.m.14 views

CVE-2026-54886

The vulnerability CVE-2026-54886 affects Erlang/OTP's SSH server side (ssh_sftpd) and allows an authenticated SFTP client to trigger an infinite loop on a channel by sending SSH_MSG_CHANNEL_EXTENDED_DATA. The handle_data/4 clause tail-calls itself when a non-zero data_type_code arrives with an em...

5.3CVSS6AI score0.0033EPSS
Exploits0References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference wil...

5.5CVSS6AI score0.00123EPSS
Exploits0References3
Amazon
Amazon
added 2026/06/08 12:0 a.m.21 views

Important: rclone

Issue Overview: Parsing a malicious font file can cause excessive memory allocation. CVE-2026-33812 An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected user...

10CVSS5.8AI score0.00513EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/24 9:44 p.m.5 views

CVE-2026-31647

A flaw was found in the Linux kernel's idpf driver. This vulnerability arises from improper nesting of spinlocks during asynchronous Virtual Channel VC handling. An attacker could potentially trigger an invalid wait context, leading to a system crash or denial of service. Mitigation To reduce...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987175)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987175 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel When l2caprecvframe is invoked to receive...

6.2AI score0.00024EPSS
Exploits0References4
NVD
NVD
added 2025/10/01 12:15 p.m.7 views

CVE-2023-53472

In the Linux kernel, the following vulnerability has been resolved: pwm: lpc32xx: Remove handling of PWM channels Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm-hwpwm value is always 0. O...

5.5CVSS0.00146EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.7 views

Russh 安全漏洞

Russh is a Rust SSH client-side and server-side library from the individual developers at Eugene. A security vulnerability exists in Russh 0.54.0 and earlier versions that stems from improper handling of SSH protocol channel window adjustment messages, which could lead to an integer overflow...

6.5CVSS6.4AI score0.00386EPSS
Exploits1References2
NVD
NVD
added 2025/07/03 9:15 a.m.16 views

CVE-2025-38133

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 chan pointer handling The pointer returned from ad4851parsechannelscommon is incremented internally as each channel is populated. In ad4858parsechannels, the same pointer was further incremented while...

7.8CVSS0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/03 8:35 a.m.8 views

CVE-2025-38133 iio: adc: ad4851: fix ad4858 chan pointer handling

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858 chan pointer handling The pointer returned from ad4851parsechannelscommon is incremented internally as each channel is populated. In ad4858parsechannels, the same pointer was further incremented while...

0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/01 2:10 p.m.14 views

CVE-2022-49909

...

0.00024EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/02/27 2:7 a.m.4 views

CVE-2024-57991 wifi: rtw89: chan: fix soft lockup in rtw89_entity_recalc_mgnt_roles()

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: chan: fix soft lockup in rtw89entityrecalcmgntroles During rtw89entityrecalcmgntroles, there is a normalizing process which will re-order the list if an entry with target pattern is found. And once one is found, shou...

6AI score0.00203EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/02/26 2:11 a.m.10 views

CVE-2022-49378

In the Linux kernel, the following vulnerability has been resolved: sfc: fix considering that all channels have TX queues Normally, all channels have RX and TX queues, but this is not true if modparam efxseparatetxchannels=1 is used. In that cases, some channels only have RX queues and others onl...

5.5CVSS5.4AI score0.00252EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/12/11 7:3 p.m.11 views

CVE-2024-47600

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been detected in the formatchannelmask function in gst-discoverer.c. The vulnerability affects the local array position, which is defined with a fixed size of 64 elements. However, the...

9.1CVSS6.7AI score0.01123EPSS
Exploits0
OSV
OSV
added 2023/01/16 3:1 p.m.3 views

OPENSUSE-SU-2023:0022-1 Security update for tor

This update for tor fixes the following issues: tor 0.4.7.13: fix SafeSocks option to avoid DNS leaks boo1207110, TROVE-2022-002 improve congestion control fix relay channel handling tor 0.4.7.12: new key for moria1 new metrics are exported on the MetricsPort for the congestion control subsystem...

7.2AI score
Exploits0References2
OSV
OSV
added 2022/12/16 5:37 p.m.7 views

CVE-2022-41972 Contiki-NG contains NULL Pointer Dereference in BLE L2CAP module

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject a packet in th...

2.9CVSS6.5AI score0.00205EPSS
Exploits0References4
OSV
OSV
added 2019/11/12 7:15 p.m.2 views

CVE-2019-1424

A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel, aka 'NetLogon Security Feature Bypass Vulnerability'...

8.1CVSS5.8AI score0.02574EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/12/17 12:0 a.m.2 views

PT-2018-3819 · Freeware +2 · Faad2 +2

Name of the Vulnerable Software and Affected Versions: Freeware Advanced Audio Decoder 2 FAAD2 version 2.8.8 Description: The issue is related to the incorrect handling of a new PS channel in the sbr process channel function of the libfaad/sbr dec.c component of the FAAD2 audio decoder. This allo...

7.8CVSS6.1AI score0.01518EPSS
Exploits22References123
Tenable Nessus
Tenable Nessus
added 2014/07/28 12:0 a.m.41 views

AIX Java Advisory : java_apr2014_advisory.asc

The version of Java SDK installed on the remote host is potentially affected by the following vulnerabilities : - There is an information disclosure flaw in libjpeg and libjpeg-turbo allowing remote attackers access to uninitialized memory via crafted JPEG images. CVE-2013-6629 - A vulnerability ...

10CVSS8.4AI score0.10117EPSS
Exploits1References39
Rows per page
Query Builder