Lucene search
+L

256 matches found

AlpineLinux
AlpineLinux
added 2026/07/08 2:55 p.m.12 views

CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS5.9AI score0.00329EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in the persistentcachereadentryv3 function in libfreerdp/cache/persistent.c, persistent-bmpSize was updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old...

7.1CVSS6.2AI score0.001EPSS
Exploits0References3
OSV
OSV
added 2026/06/20 6:27 p.m.4 views

CVE-2026-56340 vLLM - Denial of Service via Unvalidated Multimodal Embeddings

vLLM versions = 0.10.2 and 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests with malformed negative or out-of-bounds tensor indices, when the...

8.7CVSS6AI score0.00352EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 8:14 a.m.8 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.8AI score0.00429EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/09 8:16 a.m.12 views

firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

8.8CVSS6.1AI score0.00316EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and th...

7.8CVSS7.1AI score0.00129EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.23 views

PT-2026-44240

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A flaw exists in the RDMA mana component where a user can specify Work Queues WQs sharing the same Completion Queue CQ as part of the user API. This action triggers a WARN ON condition with...

9.8CVSS5.9AI score0.00513EPSS
Exploits7References336
EUVD
EUVD
added 2026/05/27 12:57 p.m.21 views

EUVD-2026-32427

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: skip reading rdevs that are not insync When reading bitmap pages from member disks, the code iterates through all rdevs and attempts to read from the first available one. However, it only checks for raiddisk...

5.8AI score0.00127EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-45985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled,...

5.5CVSS6.1AI score0.00123EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in lz4

LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that call LZ4compressfast with a large input. This issue can also lead to data corruption. NOTE: The vendor states that “only a few specific/rare uses of the API are at risk.”...

8.1CVSS7.3AI score0.09116EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/20 2:54 a.m.12 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...

7.5CVSS5.9AI score0.00513EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 9:52 p.m.9 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

7.5CVSS6.1AI score0.00375EPSS
Exploits0References6
CVE
CVE
added 2026/05/19 12:30 p.m.35 views

CVE-2026-8974

CVE-2026-8974 concerns memory-safety bugs in Thunderbird 140.10 and Thunderbird 150 that could enable arbitrary code execution; fixes are available in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. Multiple vendor advisories (e.g., openSUSE SUSE 10813-1, Slackware advis...

8.8CVSS6AI score0.00332EPSS
Exploits0References5Affected Software2
NVD
NVD
added 2026/05/16 4:16 p.m.24 views

CVE-2020-37239

libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call bablfree twice on the same pointer without triggering detection, as libc's malloc metadata overwrites...

9.8CVSS0.00459EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/06 11:41 a.m.7 views

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and w...

9.8CVSS5.9AI score0.00329EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-43044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory...

7.8CVSS6.3AI score0.0012EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 3:48 p.m.7 views

EUVD-2026-26664

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

7.8CVSS5.9AI score0.00148EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/01 12:0 a.m.5 views

EUVD-2026-26689

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

8.8CVSS6AI score0.00254EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/04/23 4:38 p.m.5 views

Security update for go1.26-openssl

This update for go1.26-openssl fixes the following issues: Update to go1.26.2 bsc1255111. CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. CVE-2026-27144: cmd/compile:...

7.5CVSS5.6AI score0.00621EPSS
Exploits0References44
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-35344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While...

3.3CVSS5.6AI score0.00115EPSS
Exploits0References3
Rows per page
Query Builder