
20 matches found

EUVD
added 2026/05/06 12:30 p.m. | 1 view

EUVD-2026-27710

In the Linux kernel, the following vulnerability has been resolved: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean(). The priv->rx_buffer and priv->tx_buffer are alloc'd together as contiguous buffers in uhdlc_init() but freed as two buffers in uhdlc_memclean(). Change the cleanup to only call...

AI score: 5.8 | EPSS: 0.00013
Exploits: 0 | References: 9
ATTACKERKB
added 2026/05/06 11:27 a.m. | 1 view

CVE-2026-43149

In the Linux kernel, the following vulnerability has been resolved: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean(). The priv->rx_buffer and priv->tx_buffer are alloc'd together as contiguous buffers in uhdlc_init() but freed as two buffers in uhdlc_memclean(). Change the cleanup to only call...

AI score: 5.7 | EPSS: 0.00013
Exploits: 0 | References: 9 | Affected Software: 1
CVE
added 2026/05/06 11:27 a.m. | 3 views

CVE-2026-43149

The CVE-2026-43149 issue affects the Linux kernel: the net: wan/fsl_ucc_hdlc driver allocated priv->rx_buffer and priv->tx_buffer as a single contiguous block in uhdlc_init(), but incorrectly freed them as two buffers in uhdlc_memclean() by calling dma_free_coherent() twice. The fix changes...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00013
Exploits: 0 | References: 8 | Affected Software: 1
Cvelist
added 2026/05/06 11:27 a.m. | 19 views

CVE-2026-43149 net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean()

In the Linux kernel, the following vulnerability has been resolved: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean(). The priv->rx_buffer and priv->tx_buffer are alloc'd together as contiguous buffers in uhdlc_init() but freed as two buffers in uhdlc_memclean(). Change the cleanup to only call...

EPSS: 0.00013
Exploits: 0 | References: 8
Positive Technologies
added 2026/05/06 12:0 a.m. | 4 views

PT-2026-37489

In the Linux kernel, the following vulnerability has been resolved: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean(). The priv->rx_buffer and priv->tx_buffer are alloc'd together as contiguous buffers in uhdlc_init() but freed as two buffers in uhdlc_memclean(). Change the cleanup to only...

AI score: 5.9 | EPSS: 0.00013
Exploits: 0 | References: 9
Tenable Nessus
added 2026/04/27 12:0 a.m. | 3 views

Fedora 44 : python-cryptography (2026-aa318887d6)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aa318887d6 advisory. Changelog: Wed Apr 8 2026 Jeremy Cline - 46.0.7-1 - Update to 46.0.7 - SECURITY ISSUE: Fixed an issue where non-contiguous buffers could be passed to APIs tha...

CVSS: 9.8 | AI score: 5.5 | EPSS: 0.00023
Exploits: 0 | References: 2
SUSE CVE
added 2026/04/10 11:25 p.m. | 2 views

SUSE CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

CVSS: 5.3 | AI score: 6 | EPSS: 0.00023
Exploits: 0 | References: 3
RedhatCVE
added 2026/04/09 9:58 p.m. | 3 views

CVE-2026-39892

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces (APIs) that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...

CVSS: 9.8 | AI score: 6 | EPSS: 0.00023
Exploits: 0 | References: 6
NVD
added 2026/04/08 9:17 p.m. | 2 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

CVSS: 9.8 | EPSS: 0.00023
Exploits: 0 | References: 2
PyPA
added 2026/04/08 9:17 p.m. | 3 views

PYSEC-2026-36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.00023
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2026/04/08 9:17 p.m. | 2 views

PYSEC-2026-36

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

CVSS: 9.8 | AI score: 5.9 | EPSS: 0.00023
Exploits: 0 | References: 2
UbuntuCve
added 2026/04/08 9:17 p.m. | 1 view

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

CVSS: 9.8 | AI score: 6 | EPSS: 0.00023
Exploits: 0 | References: 3
Cvelist
added 2026/04/08 8:49 p.m. | 17 views

CVE-2026-39892 cryptography has a buffer overflow if non-contiguous buffers were passed to APIs

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

CVSS: 6.9 | EPSS: 0.00023
Exploits: 0 | References: 1
CVE
added 2026/04/08 8:49 p.m. | 20 views

CVE-2026-39892

CVE-2026-39892 affects the Python package cryptography. From 45.0.0 to before 46.0.7, passing a non-contiguous buffer to APIs that accept Python buffers (e.g., Hash.update()) could cause buffer overflows. The issue is fixed in version 46.0.7. Remediation: upgrade to cryptography 46.0.7 or later.

CVSS: 9.8 | AI score: 6.1 | EPSS: 0.00023
Exploits: 0 | References: 2 | Affected Software: 1
AlpineLinux
added 2026/04/08 8:49 p.m. | 2 views

CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

CVSS: 9.8 | AI score: 6.1 | EPSS: 0.00023
Exploits: 0
OSV
added 2026/04/08 7:23 p.m. | 1 view

GHSA-P423-J2CM-9VMQ Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs

If a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. For example: h = Hash(SHA256()); h.update(buf[::-1]) would read past the end of the buffer on Python 3.11...

CVSS: 6.9 | AI score: 6 | EPSS: 0.00023
Exploits: 0 | References: 4
Snyk
added 2026/04/08 7:23 p.m. | 2 views

Out-of-bounds Write

Overview: Affected versions of this package are vulnerable to Out-of-bounds Write in the update function when non-contiguous buffers are provided as input. An attacker can cause memory corruption or unintended behavior by supplying specially crafted non-contiguous buffers to APIs that accept Pytho...

CVSS: 9.8 | AI score: 5.8 | EPSS: 0.00023
Exploits: 0 | References: 2
EUVD
added 2026/04/08 7:23 p.m. | 2 views

EUVD-2026-20640

Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs...

CVSS: 6.9 | AI score: 6.2 | EPSS: 0.00023
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/08 12:0 a.m. | 2 views

PT-2026-31459

Name of the Vulnerable Software and Affected Versions: cryptography versions 45.0.0 through 46.0.6. Description: The cryptography package, designed for cryptographic primitives in Python, contains a flaw where non-contiguous buffers passed to APIs accepting Python buffers e.g., Hash.update can lead ...

CVSS: 6.9 | AI score: 6.1 | EPSS: 0.00023
Exploits: 0 | References: 11
CVE
added 2025/09/16 1:8 p.m. | 18 views

CVE-2025-39836

CVE-2025-39836 is a Linux kernel issue described as resolved: the EFI stmm path allocated a communication buffer with kmalloc(), while the consumer expects contiguous pages, risking corruptions/BUGs. The fix switches from kmalloc() to alloc_pages_exact() in setup_mm_hdr() so buffers passed to tee...

CVSS: 7.8 | AI score: 6.3 | EPSS: 0.00017
Exploits: 0 | References: 3 | Affected Software: 1