Lucene search
+L

11 matches found

redhat
redhat
added 2026/07/07 6:28 a.m.4 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS7.5AI score0.00165EPSS
Exploits0References7
susecve
susecve
added 2026/06/06 2:45 a.m.12 views

SUSE CVE-2026-50259

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6AI score0.00165EPSS
Exploits0References10
attackerkb
attackerkb
added 2026/06/05 10:31 a.m.9 views

CVE-2026-50259

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6AI score0.00165EPSS
Exploits0References24
euvd
euvd
added 2026/06/05 10:31 a.m.13 views

EUVD-2026-34814

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6AI score0.00165EPSS
Exploits0References5
cvelist
cvelist
added 2026/06/05 10:31 a.m.79 views

CVE-2026-50259 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb setmap request via mapwidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS0.00165EPSS
Exploits0References25
euvd
euvd
added 2026/06/02 2:17 p.m.11 views

EUVD-2026-33944

The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled SS:SP-derived offset as an index into the 1MB RealModeMemory buffer without bounds validation. With...

8.5CVSS5.9AI score0.00118EPSS
Exploits0References1
anthropic
anthropic
added 2026/03/24 8:43 p.m.18 views

ANT-2026-HN9XZXJ9 · freerdp · heap

heap-buffer-overflow medium GHSA-mpxh-8fq3-x8mh GHSA-mvpx-xj7r-3p3r GHSA-p6r2-4hgm-m6ff Severity Claude critical · Security research firm medium · Maintainer unknown Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by...

6AI score
Exploits0
osv
osv
added 2024/03/06 11:19 a.m.26 views

BIT-TENSORFLOW-2021-29558 Heap buffer overflow in `SparseSplit`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...

7.8CVSS7.7AI score0.00211EPSS
Exploits1References3
pypa
pypa
added 2021/05/14 8:15 p.m.7 views

PYSEC-2021-486

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.SparseSplit. This is because the...

7.8CVSS7.4AI score0.00211EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2021/05/14 12:0 a.m.5 views

PT-2021-18309 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: An attacker can cause a heap buffer overflow in tf.raw ops.SparseSplit because the...

7.8CVSS7.7AI score0.00211EPSS
Exploits1References13
exploitdb
exploitdb
added 2016/03/23 12:0 a.m.38 views

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object without checking the bounds then calls a virtual method...

7.4AI score
Exploits0
Rows per page
Query Builder