Lucene search
K

597 matches found

OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53356

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted...

5.7AI score0.00164EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-56786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size,...

9.8CVSS6.5AI score0.00422EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52549

Name of the Vulnerable Software and Affected Versions RTKLIB versions prior to 2.4.4 Description An out-of-bounds write occurs in the decode type1033 function because length counters are not clamped to the destination buffer size. This allows an overflow of up to 191 bytes into fixed 64-byte...

9.8CVSS6.5AI score0.00422EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/06/19 8:46 p.m.6 views

Python Liquid: Infinite loop when parsing malformed `{% case %}` tags

Impact Given a malformed % case % tag without associated % when % or % else % block, and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time. This allows malicious template authors to craft templates for a denial of service attack. Patches The issue is fixed in...

7.1CVSS5.8AI score0.00451EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.12 views

Learn from Your Mistakes: Tree-Like Self-Play for Secure Code LLMs

While Large Language Models LLMs excel in code generation, they remain prone to replicating subtle yet critical vulnerabilities endemic to their training data. Current alignment techniques, such as Supervised Fine-Tuning SFT and Reinforcement Learning RL, typically apply coarse-grained optimizati...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.20 views

PT-2026-44316

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm AH implementation where the system fails to account for Extended Sequence Number ESN high bits in asynchronous callbacks. When ESN is enabled, the asynchronou...

9.1CVSS5.9AI score0.00514EPSS
Exploits9References293
EUVD
EUVD
added 2026/05/27 12:56 p.m.17 views

EUVD-2026-32411

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix devicenode leak in mcprobe ofparsephandle returns a devicenode reference that must be released with ofnodeput. The original code never freed r5corenode on any exit path, causing a memory leak. Fix this by usin...

5.8AI score0.00121EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/26 12:0 a.m.14 views

HammerSim: A System-Level Tool to Model RowHammer

Modern architecture research relies on simulators to evaluate system security, yet analyzing emerging hardware vulnerabilities like RowHammer requires full-system visibility. As RowHammer vulnerabilities worsen with continuous technology scaling, existing simulators lack the system-level models...

5.8AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in ffmpeg

A issue was discovered in the function filterframe in libavfilter/vflenscorrection.c in Ffmpeg 4.2.1. This issue allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero...

8.8CVSS7.1AI score0.01136EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/05/06 12:0 a.m.10 views

Fundamental Limitations of Post-Quantum Cryptographic Architectures

Modern lattice-based cryptography, particularly the learning with errors paradigm, relies on injecting artificial noise to secure data against quantum adversaries. This study systematically examines the theoretical and physical boundaries of this noise-reliant model across four interconnected...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.15 views

PT-2026-36418

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback aml sfc probe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...

5.8AI score0.00121EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.12 views

AgentVisor: Defending LLM Agents against Prompt Injection Via Semantic Virtualization

Large Language Model LLM agents are increasingly used to automate complex workflows, but integrating untrusted external data with privileged execution exposes them to severe security risks, particularly direct and indirect prompt injection. Existing defenses face significant challenges in balanci...

5.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35495

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the EDAC/mc component where the error path ordering in the edac mc alloc function is incorrect. When the mci-pvt info allocation fails, the system calls put device,...

7.8CVSS5.2AI score0.00132EPSS
Exploits0References119
RedHat Linux
RedHat Linux
added 2026/04/24 10:14 a.m.11 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS6.2AI score0.00299EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/04/23 4:7 p.m.10 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS6.5AI score0.00299EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/04/22 3:44 p.m.8 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS5.6AI score0.00299EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2026/04/22 1:51 p.m.8 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS6.3AI score0.00299EPSS
Exploits2References8
Schneier on Security
Schneier on Security
added 2026/04/13 10:10 a.m.10 views

AI Chatbots and Trust

All the leading AI chatbots are sycophantic, and that's a problem: Participants rated sycophantic AI responses as more trustworthy than balanced ones. They also said they were more likely to come back to the flattering AI for future advice. And critically ­ they couldn't tell the difference betwe...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/24 4:21 p.m.10 views

JLSEC-2026-6 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

7.1CVSS6.3AI score0.00299EPSS
Exploits2References8
AstraLinux
AstraLinux
added 2026/03/03 9:29 a.m.3 views

Astra Linux – Vulnerability in libpng1.6

LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.52, there was an out-of-bounds read vulnerability in libpng’s simplified API, allowing for reading of up to 10^12 bytes beyond the...

7.1CVSS6.4AI score0.00299EPSS
Exploits2References3
Rows per page
Query Builder