Lucene search
+L

133 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:10 a.m.17 views

concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

...

5.5CVSS5.8AI score0.00106EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:5 a.m.2 views

dm log: fix out-of-bounds write due to region_count overflow

...

7CVSS6.1AI score0.00127EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-53059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but...

6.3CVSS5.9AI score0.00127EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.34 views

CVE-2026-53059 dm log: fix out-of-bounds write due to region_count overflow

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

0.00127EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.18 views

CVE-2026-53059

CVE-2026-53059 affects the Linux kernel device-mapper log (dm_log) component. The root cause is an integer overflow: region_count is 32-bit, while dm_sector_div_up() returns 64-bit, so a large ti->len with a small region_size can overflow UINT_MAX. This truncation leads to undersized bitsets a...

6.3CVSS5.8AI score0.00127EPSS
Exploits0References11
OSV
OSV
added 2026/06/24 4:30 p.m.2 views

CVE-2026-53059 dm log: fix out-of-bounds write due to region_count overflow

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

6.3CVSS5.8AI score0.00127EPSS
Exploits0References14
OSV
OSV
added 2026/06/24 3:42 p.m.3 views

CVE-2026-54905 concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used...

2CVSS5.9AI score0.00106EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51953

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the device-mapper log dm log component. The region count local variable in the create log context function is declared as a 32-bit unsigned integer, while t...

6.3CVSS5.9AI score0.00127EPSS
Exploits0References20
OSV
OSV
added 2026/06/19 8:47 p.m.8 views

GHSA-WV3X-4VXV-WHPP Concurrent Ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity

Summary Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITELOCKHELD...

2CVSS5.9AI score0.00106EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 8:17 p.m.45 views

DEBIAN-CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

7.5CVSS5.3AI score0.00408EPSS
Exploits1References1
NVD
NVD
added 2026/06/17 8:17 p.m.29 views

CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS0.00408EPSS
Exploits1References3
OSV
OSV
added 2026/06/17 6:44 p.m.2 views

CVE-2026-55199 libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS7.1AI score0.00408EPSS
Exploits1References6
OSV
OSV
added 2026/06/16 4:58 a.m.11 views

MGASA-2026-0215 Updated libsndfile packages fix security vulnerabilities

CVE-2025-52194 A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircamreadheader function at src/ircam.c:164 during sample rate processing, leading to memory corruption a...

8.2CVSS5.8AI score0.00585EPSS
Exploits3References2
NVD
NVD
added 2026/06/15 6:16 p.m.17 views

CVE-2026-6039

LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit value when the point buffer was sized, while the full count was used to fill it, so a polyline whose...

6.9CVSS0.00157EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 6:9 p.m.10 views

CLSA-2026-1779214181 vim: Fix of 4 CVEs

CVE-2022-3278: fix crash when using NUL in buffer that uses :source; don't get a next line when skipping over NL in evalnextnonblank eval.c, upstream patch 9.0.0552 - CVE-2023-48234: fix overflow when getting count for normal z command; break out of nvzet count loop when n LONGMAX/10 normal.c,...

6.8CVSS6.6AI score0.0082EPSS
Exploits1References1
OSV
OSV
added 2026/05/07 3:37 p.m.9 views

USN-8259-1 openexr vulnerabilities

Quang Luong discovered that OpenEXR incorrectly handled sample count accumulation when processing deep scan line image files. An attacker could possibly use this issue to cause OpenEXR to crash, resulting in a denial of service, or execute arbitrary code. CVE-2026-27622 It was discovered that...

8.8CVSS6.2AI score0.00482EPSS
Exploits4References4
Debian CVE
Debian CVE
added 2026/05/06 11:32 a.m.42 views

CVE-2025-71292

In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...

5.5CVSS5.8AI score0.00128EPSS
Exploits0
OSV
OSV
added 2026/05/06 11:32 a.m.1 views

CVE-2025-71292 jfs: nlink overflow in jfs_rename

In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References11
CVE
CVE
added 2026/05/06 7:40 a.m.23 views

CVE-2026-43075

The CVE-2026-43075 issue affects the Linux kernel’s ocfs2 filesystem code. A corrupted ocfs2 filesystem mounted on a loop device could trigger an out-of-bounds write in ocfs2_write_end_inline during a copy_file_range splice fallback, caused by trusting on-disk id_count to fit inline data. The roo...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an overflow in the nlink function of the jfs file system’s jfsrename function. This vulnerability may...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References1
Rows per page
Query Builder