Lucene search
K

1247 matches found

OSV
OSV
added 2026/02/25 9:16 p.m.3 views

UBUNTU-CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

8.8CVSS5.9AI score0.00591EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/25 8:59 p.m.23 views

CVE-2026-26965 FreeRDP has Out-of-bounds Write

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

8.8CVSS0.00591EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/02/25 8:59 p.m.4 views

CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

8.8CVSS6AI score0.00591EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/02/21 12:0 a.m.4 views

Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection

Mixture-of-Experts MoE offers flexible graph reasoning by combining multiple views of a graph through a learned router. We investigate routing-aware explanations for MoE graph models in malware detection using control flow graphs CFGs. Our architecture builds diversity at two levels. At the node...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/18 12:0 a.m.3 views

Aether Smart Contract Security Analysis Framework 4.7.1

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/16 2:23 p.m.5 views

CVE-2026-23128

A flaw was found in the Linux kernel on arm64 systems with Control Flow Integrity CFI enabled. During hibernate resume, the swsusparchresume function attempts to verify a CFI hash when calling swsusparchsuspendexit, which is marked as SYMCODE and lacks a CFI hash. This causes a data abort DABT an...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/14 3:16 p.m.5 views

CVE-2026-23128

In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References27
OSV
OSV
added 2026/02/14 3:16 p.m.4 views

UBUNTU-CVE-2026-23128

In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References31
Cvelist
Cvelist
added 2026/02/14 3:9 p.m.25 views

CVE-2026-23128 arm64: Set __nocfi on swsusp_arch_resume()

In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...

0.00114EPSS
Exploits0References5
CVE
CVE
added 2026/02/14 3:9 p.m.22 views

CVE-2026-23128

CVE-2026-23128 affects the Linux kernel on ARM64, where the hibernation resume path swsusp_arch_resume() could trigger a Control-Flow Integrity (CFI) hash check mismatch during resume, leading to a DABT fault on Android-based devices. The root cause is that swsusp_arch_suspend_exit() is not accom...

5.5CVSS5.5AI score0.00114EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/14 3:9 p.m.2 views

CVE-2026-23128 arm64: Set __nocfi on swsusp_arch_resume()

In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/14 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-23128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is...

5.5CVSS6.4AI score0.00114EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the CFI check is not disabled for swsusparchresume in arm64, potentially leading to...

5.5CVSS6AI score0.00114EPSS
Exploits0References5
NVD
NVD
added 2026/02/11 1:15 p.m.9 views

CVE-2025-58466

A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...

5.1CVSS0.00503EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.6 views

CVE-2025-58466

A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...

4.9CVSS5.8AI score0.00503EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 12:16 p.m.4 views

CVE-2025-58466 QTS, QuTS hero

A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...

5.1CVSS5.7AI score0.00503EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/11 12:16 p.m.4 views

CVE-2025-58466

A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to denial of service conditions, or modify control flow in unexpected ways. We have alread...

5.1CVSS5.7AI score0.00503EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/02/11 12:16 p.m.12 views

CVE-2025-58466

CVE-2025-58466 affects QNAP QTS and QuTS hero: a use of uninitialized variable issue that can be exploited by an attacker with an administrator account to cause denial of service or alter control flow. Affected: QTS before 5.2.8.3332 build 20251128 and earlier; QuTS hero before h5.2.8.3321 build ...

5.1CVSS5.7AI score0.00503EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.6 views

PT-2026-7563

Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.8.3332 build 20251128 QNAP QuTS hero versions prior to h5.2.8.3321 build 20251117 Description A use of uninitialized variable issue exists in QNAP operating systems. A remote attacker gaining administrator access...

5.1CVSS5.6AI score0.00503EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.8 views

QNAP Systems QTS和QNAP Systems QuTS hero 安全漏洞

QNAP Systems QTS and QNAP Systems QuTS Hero are both software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There were security vulnerabilities in versions of QNAP Systems QTS 5.2.8.3332 and QNAP Systems QuTS Hero h5.2.8.3321. The...

5.1CVSS5.8AI score0.00503EPSS
Exploits0References2
Rows per page
Query Builder