Lucene search
K

91 matches found

NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53224

In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...

9.1CVSS0.00547EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS5.9AI score0.00481EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53246 sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS6AI score0.00481EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:39 a.m.39 views

CVE-2026-53224

The vulnerability CVE-2026-53224 affects the Linux kernel SCTP implementation. The issue arises from insufficient validation of embedded INIT chunks and address list lengths in cookies: sctp_unpack_cookie() may accept a truncated INIT chunk, and the subsequent sctp_process_init() could read INIT ...

9.1CVSS5.7AI score0.00547EPSS
Exploits0References3Affected Software1
RustSec
RustSec
added 2026/06/06 12:0 p.m.23 views

DoS vulnerability in HTTP/1.x chunked encoding parser triggered by maliciously crafted chunk lengths

When using the affected versions of the vibeio-http crate, an attacker could craft a malicious HTTP/1.x request with a large chunk length between usize::MAX - 1 and usize::MAX inclusive and send it, causing the server to crash integer overflow panic in debug builds, splitto out of bounds panic in...

5.5AI score
Exploits0Affected Software1
OSV
OSV
added 2026/05/06 12:11 p.m.4 views

SUSE-SU-2026:1716-1 Security update for libpng12

This update for libpng12 fixes the following issues: Update to version 1.2.59 jscPED-16191. Security issues : - CVE-2017-12652: missing chunk length check can lead to sensitive information disclosure, data corruption or crash bsc1141493. - CVE-2026-33416: use-after-free via pointer aliasing in...

9.8CVSS7.2AI score0.04113EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : libpng-1.5.13-8.el7 (AXSA:2020-552:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-552:01 advisory. libpng: does not check length of chunks against user limit CVE-2017-12652 CVE-2017-12652 libpng before 1.6.32 does not properly check the length of chunks...

9.8CVSS5.6AI score0.04113EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-1574

Malware in sbrugna...

5.9CVSS5.9AI score0.02791EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-4191

Malware in sbrugna...

9.8CVSS6.5AI score0.04113EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-2029

Malware in sbrugna...

7.5CVSS6.8AI score0.0628EPSS
Exploits0References47
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1867

Malicious code in bioql PyPI...

7.5CVSS6.8AI score0.01762EPSS
Exploits1References8
Microsoft CVE
Microsoft CVE
added 2025/03/14 7:0 a.m.4 views

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

...

9.8CVSS6.8AI score0.04113EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/05 5:42 p.m.26 views

Security Bulletin: Vulnerabilities in snappy-java affect watsonx.data

Summary Snappy-java is vulnerable to a denial of service, caused by either an integer overflow, use of an unchecked chunk length or missing upper bound check on chunk length. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a deni...

7.5CVSS7.8AI score0.01762EPSS
Exploits3Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/30 8:24 p.m.4 views

snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

A flaw was found in SnappyInputStream in snappy-java, a data compression library in Java. This issue occurs when decompressing data with a too-large chunk size due to a missing upper bound check on chunk length. An unrecoverable fatal error can occur, resulting in a Denial of Service DoS...

7.5CVSS7.3AI score0.0104EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2024/03/11 6:15 p.m.33 views

CVE-2024-26616

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned BUG There is a bug report that, on a ext4-converted btrfs, scrub leads to various problems, including: - "unable to find chunk map" errors BTRFS info device...

7.8CVSS6.2AI score0.00291EPSS
Exploits0References13
OSV
OSV
added 2024/03/11 6:15 p.m.6 views

UBUNTU-CVE-2024-26616

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned BUG There is a bug report that, on a ext4-converted btrfs, scrub leads to various problems, including: - "unable to find chunk map" errors BTRFS info device...

7.8CVSS6.2AI score0.00291EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2024/02/29 3:52 p.m.21 views

CVE-2024-26616 btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned BUG There is a bug report that, on a ext4-converted btrfs, scrub leads to various problems, including: - "unable to find chunk map" errors BTRFS info device...

6.6AI score0.00291EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/29 3:52 p.m.37 views

CVE-2024-26616 btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned

In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned BUG There is a bug report that, on a ext4-converted btrfs, scrub leads to various problems, including: - "unable to find chunk map" errors BTRFS info device...

7.5AI score0.00291EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.11 views

PT-2024-3787 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: The vulnerability is related to a use-after-free issue in the btrfs file system when the chunk length is not 64K aligned. This can lead to various problems, including "unable to fi...

7.8CVSS6.8AI score0.78388EPSS
Exploits2References467
RedHat Linux
RedHat Linux
added 2023/12/05 2:36 p.m.5 views

snappy-java: Unchecked chunk length leads to DoS

A flaw was found in Snappy-java's fileSnappyInputStream hasNextChunk function, which does not sufficiently evaluate input bytes before beginning operations. This issue could allow an attacker to send malicious input to trigger an out of memory error that crashes the program, resulting in a denial...

7.5CVSS7.3AI score0.01762EPSS
Exploits1References4
Rows per page
Query Builder