Lucene search
+L

35 matches found

Cvelist
Cvelist
added 2026/07/04 11:56 a.m.39 views

CVE-2026-53362 ipv6: account for fraggap on the paged allocation path

In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...

7.8CVSS0.00176EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.10 views

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

6.6CVSS5.5AI score0.00102EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 1:30 a.m.32 views

CVE-2026-9632

CVE-2026-9632 affects UTT HiPER 1250GW (up to version 3.2.7-210907-180535). The vulnerability resides in the Web Management Interface, specifically the strcpy call in /goform/formGroupConfig, where manipulating the Profile argument can cause a stack-based buffer overflow. This flaw enables a remo...

9CVSS7.7AI score0.00463EPSS
Exploits0References4
NVD
NVD
added 2026/05/26 4:16 p.m.19 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS0.00565EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: Do not overflow the maximum copy size. With non-page-aligned copies, we need to use a pitch that is 4 bytes in size. However, the size of the copied data may still be close to our maximum of approximately 8M. As a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/05 7:30 p.m.7 views

EUVD-2026-27462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.3CVSS6.2AI score0.00174EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/22 9:31 a.m.7 views

EUVD-2026-24624

Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0...

6.6CVSS5.8AI score0.00138EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/22 9:31 a.m.7 views

EUVD-2026-24618

Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0...

6.6CVSS5.8AI score0.00138EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 5:56 a.m.31 views

CVE-2026-41666

Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0...

6.6CVSS0.00138EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013207 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may b...

5.6AI score0.00177EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/06 6:33 p.m.15 views

EUVD-2025-209224

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation...

7.8CVSS6AI score0.00098EPSS
Exploits0References2
OSV
OSV
added 2026/01/21 12:15 p.m.10 views

AZL-75020 CVE-2026-0988 affecting package glib 2.71.0-9

A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy, triggering...

3.7CVSS6.2AI score0.00396EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/21 11:38 a.m.5 views

CVE-2026-0988

A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy, triggering...

3.7CVSS5.9AI score0.00396EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.3 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : mozjs60 (SUSE-SU-2026:0044-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0044-1 advisory. - CVE-2024-45492: embedded expat: detect integer overflow in function nextScaffoldPart bsc123003...

9.8CVSS7.5AI score0.01686EPSS
Exploits0References13
EUVD
EUVD
added 2025/12/30 3:30 p.m.6 views

EUVD-2022-55829

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in rpage When PAGESIZE is 64K, if readlogpage is called by logreadrst for the first time, the size of buffer would be equal to DefaultLogPageSize4K.But for buffer operations like memcpy, if the...

6.1AI score0.00168EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-54286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. The...

6.5AI score0.00177EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/20 12:0 a.m.11 views

PT-2025-42748

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow issue exists in the USB 9pfs transport layer. Inconsistent size validation between packet header parsing and actual data copying allows a malicious USB host to overflow...

7.8CVSS5.7AI score0.00519EPSS
Exploits5References598
RedHat Linux
RedHat Linux
added 2025/10/15 11:39 a.m.6 views

kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...

7.8CVSS6.9AI score0.0019EPSS
Exploits0References5
OSV
OSV
added 2025/10/01 12:15 p.m.6 views

UBUNTU-CVE-2022-50440

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.7 views

PT-2025-37200

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s drm/xe/migrate module related to handling copy sizes during migration. Specifically, when dealing with non-page aligned copies and pitches, the...

5.8AI score0.00128EPSS
Exploits0References4
Rows per page
Query Builder