Lucene search
+L

598 matches found

osv
osv
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53356

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted...

5.7AI score0.00164EPSS
Exploits0References11
nessus
nessus
added 2026/06/30 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-56786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size,...

9.8CVSS6.5AI score0.00422EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2026/06/25 6:12 p.m.6 views

CVE-2026-56787 RTKLIB 2.4.3 - Off-by-One Out-of-Bounds Read in decode_ssr3 via RTCM3 SSR Message

RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decodessr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via crafted RTCM3 SSR messages with attacker-controlled signal mode fields. Remote attackers can exploit thi...

6.9CVSS6.2AI score0.00325EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.13 views

PT-2026-52549

Name of the Vulnerable Software and Affected Versions RTKLIB versions prior to 2.4.4 Description An out-of-bounds write occurs in the decode type1033 function because length counters are not clamped to the destination buffer size. This allows an overflow of up to 191 bytes into fixed 64-byte...

9.8CVSS6.5AI score0.00422EPSS
Exploits1References6
github
github
added 2026/06/19 8:46 p.m.6 views

Python Liquid: Infinite loop when parsing malformed `{% case %}` tags

Impact Given a malformed % case % tag without associated % when % or % else % block, and no terminating % endcase % tag, Python Liquid hangs in an infinite loop at parse time. This allows malicious template authors to craft templates for a denial of service attack. Patches The issue is fixed in...

7.1CVSS5.8AI score0.00451EPSS
Exploits0References2Affected Software1
packetstormnews
packetstormnews
added 2026/06/02 12:0 a.m.12 views

Learn from Your Mistakes: Tree-Like Self-Play for Secure Code LLMs

While Large Language Models LLMs excel in code generation, they remain prone to replicating subtle yet critical vulnerabilities endemic to their training data. Current alignment techniques, such as Supervised Fine-Tuning SFT and Reinforcement Learning RL, typically apply coarse-grained optimizati...

5.9AI score
Exploits0
ptsecurity
ptsecurity
added 2026/05/28 12:0 a.m.20 views

PT-2026-44316

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm AH implementation where the system fails to account for Extended Sequence Number ESN high bits in asynchronous callbacks. When ESN is enabled, the asynchronou...

9.1CVSS5.9AI score0.00514EPSS
Exploits9References293
euvd
euvd
added 2026/05/27 12:56 p.m.17 views

EUVD-2026-32411

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix devicenode leak in mcprobe ofparsephandle returns a devicenode reference that must be released with ofnodeput. The original code never freed r5corenode on any exit path, causing a memory leak. Fix this by usin...

5.8AI score0.00121EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2026/05/26 12:0 a.m.14 views

HammerSim: A System-Level Tool to Model RowHammer

Modern architecture research relies on simulators to evaluate system security, yet analyzing emerging hardware vulnerabilities like RowHammer requires full-system visibility. As RowHammer vulnerabilities worsen with continuous technology scaling, existing simulators lack the system-level models...

5.8AI score
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in ffmpeg

A issue was discovered in the function filterframe in libavfilter/vflenscorrection.c in Ffmpeg 4.2.1. This issue allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero...

8.8CVSS7.1AI score0.01136EPSS
Exploits1References2
packetstormnews
packetstormnews
added 2026/05/06 12:0 a.m.10 views

Fundamental Limitations of Post-Quantum Cryptographic Architectures

Modern lattice-based cryptography, particularly the learning with errors paradigm, relies on injecting artificial noise to secure data against quantum adversaries. This study systematically examines the theoretical and physical boundaries of this noise-reliant model across four interconnected...

5.8AI score
Exploits0
ptsecurity
ptsecurity
added 2026/05/01 12:0 a.m.15 views

PT-2026-36418

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback aml sfc probe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...

5.8AI score0.00121EPSS
Exploits0References4
packetstormnews
packetstormnews
added 2026/04/27 12:0 a.m.12 views

AgentVisor: Defending LLM Agents against Prompt Injection Via Semantic Virtualization

Large Language Model LLM agents are increasingly used to automate complex workflows, but integrating untrusted external data with privileged execution exposes them to severe security risks, particularly direct and indirect prompt injection. Existing defenses face significant challenges in balanci...

5.7AI score
Exploits0
ptsecurity
ptsecurity
added 2026/04/27 12:0 a.m.8 views

PT-2026-35495

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the EDAC/mc component where the error path ordering in the edac mc alloc function is incorrect. When the mci-pvt info allocation fails, the system calls put device,...

7.8CVSS5.2AI score0.00132EPSS
Exploits0References119
redhat
redhat
added 2026/04/24 10:14 a.m.11 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS6.2AI score0.00299EPSS
Exploits2References8
redhat
redhat
added 2026/04/23 4:7 p.m.10 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS6.5AI score0.00299EPSS
Exploits2References8
redhat
redhat
added 2026/04/22 3:44 p.m.8 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS5.6AI score0.00299EPSS
Exploits2References8
redhat
redhat
added 2026/04/22 1:51 p.m.8 views

libpng: LIBPNG out-of-bounds read in png_image_read_composite

An out of bounds read vulnerability has been discovered in libpng. This vulnerability is in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger...

7.1CVSS6.3AI score0.00299EPSS
Exploits2References8
schneier
schneier
added 2026/04/13 10:10 a.m.10 views

AI Chatbots and Trust

All the leading AI chatbots are sycophantic, and that's a problem: Participants rated sycophantic AI responses as more trustworthy than balanced ones. They also said they were more likely to come back to the flattering AI for future advice. And critically ­ they couldn't tell the difference betwe...

5.8AI score
Exploits0
osv
osv
added 2026/03/24 4:21 p.m.10 views

JLSEC-2026-6 LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portabl...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing...

7.1CVSS6.3AI score0.00299EPSS
Exploits2References8
Rows per page
Query Builder