CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

SUSE CVE•added 2026/05/28 3:54 a.m.•10 views

SUSE CVE-2026-45994

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

5.5CVSS5.9AI score0.00126EPSS

Exploits0References3

EUVD•added 2026/05/27 3:33 p.m.•12 views

EUVD-2026-32290

5.9AI score0.00126EPSS

Exploits0References6

NVD•added 2026/05/27 2:17 p.m.•9 views

CVE-2026-45994

7.1CVSS0.00126EPSS

Exploits0References8

ATTACKERKB•added 2026/05/27 12:57 p.m.•7 views

CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

5.8AI score0.00126EPSS

Exploits0References9Affected Software1

CVE•added 2026/05/27 12:55 p.m.•19 views

CVE-2026-45994

The CVE-2026-45994 issue affects the Linux kernel ibmasm: command_file_write, where a kernel buffer is allocated with count bytes and user data copied without validating against the dot command header, enabling out-of-bounds reads via get_dot_command_size/timeout and memcpy_toio. Patches introduc...

7.1CVSS5.9AI score0.00126EPSS

Exploits0References8Affected Software1

Positive Technologies•added 2026/05/27 12:0 a.m.•12 views

PT-2026-43861

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the command file write handler where it allocates a kernel buffer based on a user-provided count but fails to validate this buffer against the dot command protocol before...

9.8CVSS6.1AI score0.03663EPSS

Exploits14References284

SUSE CVE•added 2026/04/03 11:28 p.m.•1 views

SUSE CVE-2026-23424

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space...

7.1CVSS5.9AI score0.00118EPSS

Exploits0References3

OSV•added 2026/04/03 2:16 p.m.•5 views

UBUNTU-CVE-2026-23424

7.1CVSS5.8AI score0.00118EPSS

Exploits0References6

ATTACKERKB•added 2026/04/03 1:24 p.m.•1 views

CVE-2026-23424

5.9AI score0.00118EPSS

Exploits0References4Affected Software1

RedHat Linux•added 2026/02/04 9:7 a.m.•3 views

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGACMDMAXDATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access...

5.9AI score0.00335EPSS

Exploits0References5

OSV•added 2026/02/03 5:20 p.m.•6 views

RLSA-2026:1148 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: hcievent: call disconnect callback before deleting conn CVE-2023-53673 kernel: ASoC: Intel: bytcrrt5640: Fix invalid...

7.8CVSS5.5AI score0.00335EPSS

Exploits0References5

RedHat Linux•added 2026/01/28 7:17 p.m.•5 views

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

5.9AI score0.00335EPSS

Exploits0References5

RedHat Linux•added 2026/01/28 3:8 p.m.•2 views

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

5.9AI score0.00335EPSS

Exploits0References5

RedHat Linux•added 2026/01/28 12:42 a.m.•4 views

kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE