Lucene search
K

504 matches found

EUVD
EUVD
added 2026/04/01 9:31 a.m.3 views

EUVD-2026-17834

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...

5.9AI score0.00177EPSS
Exploits0References6
NVD
NVD
added 2026/04/01 9:16 a.m.6 views

CVE-2026-23406

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...

7.8CVSS0.00177EPSS
Exploits0References8
OSV
OSV
added 2026/04/01 9:16 a.m.6 views

UBUNTU-CVE-2026-23406

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...

7.8CVSS5.9AI score0.00177EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.11 views

PT-2026-29489

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc7-next-20260127 Description The Linux kernel contains a flaw within the apparmor subsystem, specifically in the match char macro. This macro incorrectly evaluates its character parameter multiple times...

7.8CVSS6.7AI score0.00177EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/12 1:35 p.m.7 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/12 8:52 a.m.2 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/12 8:32 a.m.3 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/03/09 6:7 p.m.5 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/02/25 11:24 a.m.2 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/02/23 10:55 a.m.2 views

freerdp: FreeRDP global-buffer-overflow

A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...

9.1CVSS5.9AI score0.00599EPSS
Exploits1References6
The Hacker News
The Hacker News
added 2026/02/23 7:25 a.m.15 views

MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP

The Iranian hacking group known as MuddyWater aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST has targeted several organizations and individuals mainly located across the Middle East and North Africa MENA region as part of a new campaign codenamed Operation Olalampo. The activity, first observe...

6AI score
Exploits0
OSV
OSV
added 2026/01/28 6:16 p.m.4 views

CVE-2020-36972

SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'idpost' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare...

7.5CVSS5.8AI score0.00282EPSS
Exploits1References3
Snyk
Snyk
added 2026/01/27 9:30 a.m.2 views

Improperly Controlled Sequential Memory Allocation

Overview com.foxinmy:weixin4j-base is a 微信开发基础工程 Affected versions of this package are vulnerable to Improperly Controlled Sequential Memory Allocation due to improper control of memory allocation in the CharArrayBuffer and ClassUtil components. An attacker can cause excessive memory consumption ...

6.3CVSS5.9AI score0.00432EPSS
Exploits0References2
OSV
OSV
added 2026/01/27 9:15 a.m.6 views

CVE-2026-24819

Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...

6.3CVSS5.8AI score0.00432EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/27 8:55 a.m.5 views

CVE-2026-24819 An out-of-memory (OOM) issue in foxinmy/weixin4j

Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...

6.3CVSS5.9AI score0.00432EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 8:55 a.m.17 views

CVE-2026-24819

CVE-2026-24819 refers to an Improperly Controlled Sequential Memory Allocation in foxinmy/weixin4j (weixin4j-base module), affecting CharArrayBuffer and ClassUtil Java components. Public descriptions in Red Hat, Snyk, and OSV entries confirm the issue impacts weixin4j across versions, with memory...

6.3CVSS5.9AI score0.00432EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 8:55 a.m.5 views

CVE-2026-24819

Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...

6.3CVSS5.9AI score0.00432EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/27 12:0 a.m.6 views

weixin4j security vulnerabilities

Weixin4j is a WeChat development toolkit personally developed by Jinyu. Weixin4j has security vulnerabilities, which stem from improper control over sequential memory allocation in the program files CharArrayBuffer.Java and ClassUtil.Java...

6.3CVSS5.8AI score0.00432EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/16 12:25 a.m.5 views

SUSE CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

6.8CVSS7AI score0.00599EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002348 advisory. The bcmcharioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to...

4.9CVSS7.8AI score0.00446EPSS
Exploits0References20
Rows per page
Query Builder