456494 matches found

EUVD
added 2026/06/24 7:14 a.m., 8 views

EUVD-2026-38702

In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the out_free_req label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...

AI score: 5.7, EPSS: 0.00339
Exploits: 0, References: 3

ATTACKERKB
added 2026/06/24 7:14 a.m., 9 views

CVE-2026-52932

In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the out_free_req label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...

AI score: 5.7, EPSS: 0.00339
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2026/06/24 7:14 a.m., 7 views

CVE-2026-52932

In CVE-2026-52932, the Linux kernel xfrm IPcomp path contains a fix to ensure that the allocated destination scatter-gather (dst SG) list is freed on error as well as on success, preventing potential resource leaks. The root cause is improper memory deallocation during error handling in the xfrm ...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00339
Exploits: 0, References: 3

Cvelist
added 2026/06/24 7:14 a.m., 27 views

CVE-2026-52932 xfrm: ipcomp: Free destination pages on acomp errors

In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the out_free_req label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...

CVSS: 7.5, EPSS: 0.00339
Exploits: 0, References: 3

Debian CVE
added 2026/06/24 7:14 a.m., 5 views

CVE-2026-52932

In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the out_free_req label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...

CVSS: 7.5, AI score: 5.6, EPSS: 0.00339
Exploits: 0

OSSF Malicious Packages
added 2026/06/24 6:26 a.m., 9 views

Malicious code in bn-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...

AI score: 5.9
Exploits: 0, References: 2

OSV
added 2026/06/24 6:26 a.m., 5 views

MAL-2026-6376 Malicious code in bn-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...

AI score: 5.9
Exploits: 0, References: 2

OSV
added 2026/06/24 5:41 a.m., 3 views

MGASA-2026-0231 Updated opensc packages fix security vulnerabilities

These packages fix security vulnerabilities: CVE-2026-10275, A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is...

CVSS: 7.8, AI score: 5.5, EPSS: 0.00296
Exploits: 0, References: 4

Mageia
added 2026/06/24 5:41 a.m., 4 views

Updated podofo packages fix security vulnerabilities

Podofo v0.9.8 shares some of the vulnerable code that was discovered in Podofo v0.10.0. This package fixes that. CVE-2023-31567 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. CVE-2023-31568 Podofo v0.10.0 was discovered ...

CVSS: 8.8, AI score: 6.1, EPSS: 0.00749
Exploits: 2, References: 5

Mageia
added 2026/06/24 5:41 a.m., 4 views

Updated opensc packages fix security vulnerabilities

These packages fix security vulnerabilities: CVE-2026-10275, A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is...

CVSS: 7.8, AI score: 5.2, EPSS: 0.00296
Exploits: 0, References: 3

OSV
added 2026/06/24 5:41 a.m., 4 views

MGASA-2026-0229 Updated podofo packages fix security vulnerabilities

Podofo v0.9.8 shares some of the vulnerable code that was discovered in Podofo v0.10.0. This package fixes that. CVE-2023-31567 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. CVE-2023-31568 Podofo v0.10.0 was discovered ...

CVSS: 8.8, AI score: 7.3, EPSS: 0.00749
Exploits: 2, References: 6

Veracode
added 2026/06/24 5:36 a.m., 7 views

Open Redirect

Nuxt is vulnerable to open redirect. The vulnerability is due to improper validation of path-normalized URLs in navigateTo, where specially crafted paths can bypass external-host checks after normalization, allowing attackers to redirect users to malicious websites and facilitate phishing attacks...

CVSS: 6.1, AI score: 5.9, EPSS: 0.00205
Exploits: 0, References: 5, Affected Software: 1

Veracode
added 2026/06/24 5:30 a.m., 8 views

Cross Site Scripting

Nuxt is vulnerable to cross-site scripting (XSS). The vulnerability is due to improper input sanitization in the NoScript component, where untrusted slot content is written to innerHTML without escaping, allowing attackers to inject malicious scripts through user-controlled data that execute in the...

CVSS: 6.1, AI score: 5.6, EPSS: 0.00209
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2026/06/24 5:17 a.m., 7 views

CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory v...

CVSS: 6.5, EPSS: 0.00106
Exploits: 0, References: 3

OSV
added 2026/06/24 5:17 a.m., 4 views

UBUNTU-CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory v...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00106
Exploits: 0, References: 6

RedHat Linux
added 2026/06/24 5:08 a.m., 5 views

python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

A flaw was found in Python's http.cookies module. The Morsel.js_output function, responsible for generating JavaScript output for cookies, does not properly neutralize the HTML sequence. This oversight could allow a remote attacker to inject malicious script into a web page, potentially leading to...

CVSS: 6.1, AI score: 6.4, EPSS: 0.00229
Exploits: 1, References: 8

ATTACKERKB
added 2026/06/24 4:37 a.m., 8 views

CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory v...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00106
Exploits: 0, References: 4

EUVD
added 2026/06/24 4:37 a.m., 10 views

EUVD-2026-38654

An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory v...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00106
Exploits: 0, References: 3

Cvelist
added 2026/06/24 4:37 a.m., 33 views

CVE-2026-9539 libslirp TCP URG OOB Read Information Leak

An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory v...

CVSS: 6.5, EPSS: 0.00106
Exploits: 0, References: 3

Vulnrichment
added 2026/06/24 4:37 a.m., 6 views

CVE-2026-9539 libslirp TCP URG OOB Read Information Leak

An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory v...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00106
Exploits: 0, References: 3