Lucene search
+L

1715 matches found

RedHat Linux
RedHat Linux
added 2026/02/26 4:25 a.m.8 views

kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation

A flaw was found in the Linux kernel's networking component. A local attacker with low privileges could exploit a design issue in the teql queueing discipline, which is responsible for managing network traffic. By sending specially crafted network packets, an attacker could trigger a use-after-fr...

7.8CVSS6AI score0.00134EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/25 9:16 p.m.7 views

CVE-2026-26271

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in freerdpimagecopyfromicondata libfreerdp/codec/color.c can be triggered by crafted RDP Window Icon TSICONINFO data. The bug is reachable over the network when a client processes icon data...

6.9CVSS6AI score0.00242EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/02/25 12:28 a.m.6 views

kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial of service

A flaw was found in the ALSA USB audio driver of the Linux kernel. This vulnerability, a buffer overflow, occurs when the size of the Pulse-Code Modulation PCM stream data packets exceeds the maximum allowed by the USB descriptor. A local attacker could exploit this by providing specially crafted...

6.1AI score0.00222EPSS
Exploits0References5
NVD
NVD
added 2026/02/18 2:16 p.m.6 views

CVE-2025-33236

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS0.00175EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/18 1:55 p.m.35 views

CVE-2025-33236

NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...

7.8CVSS0.00175EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.8 views

Bosch Rexroth IndraWorks 安全漏洞

Bosch Rexroth IndraWorks is a general engineering framework software developed by the German company Bosch Rexroth. Bosch Rexroth IndraWorks has a security vulnerability that stems from deserialization issues when parsing specially crafted files containing malicious serialized data, which may lea...

8.8CVSS7.4AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/13 1:31 a.m.9 views

CVE-2025-67433

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...

7.5CVSS5.8AI score0.00391EPSS
Exploits0References1
NVD
NVD
added 2026/02/12 8:16 p.m.10 views

CVE-2025-67433

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...

7.5CVSS0.00391EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.6 views

PT-2026-7890

Name of the Vulnerable Software and Affected Versions Open TFTP Server MultiThreaded version 1.7 Description A heap buffer overflow exists in the processRequest function of Open TFTP Server MultiThreaded. This issue can be triggered by sending a crafted DATA packet, potentially leading to a Denia...

5.7AI score0.00391EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/12 12:0 a.m.4 views

CVE-2025-67433

A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...

6.1AI score0.00391EPSS
Exploits0References3
CVE
CVE
added 2026/02/12 12:0 a.m.15 views

CVE-2025-67433

CVE-2025-67433 affects Open TFTP Server MultiThreaded v1.7. A heap buffer overflow in the processRequest() function can be triggered by crafted DATA packets, leading to Denial of Service. No remediation details are provided in the connected documents.

7.5CVSS5.8AI score0.00391EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/03 7:26 p.m.8 views

EUVD-2025-206666

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATAFRAG receive path. An un authenticated sender can transmit a single malformed RTPS...

9.2CVSS5.9AI score0.00483EPSS
Exploits0References4
OSV
OSV
added 2026/02/03 4:32 p.m.6 views

CLSA-2026-1770136337 Fix CVE(s): CVE-2026-22796

SECURITY UPDATE: DoS by providing specially crafted PKCS7 data for signature verification - debian/patches/CVE-2026-22796.patch: ensure ASN1 types are checked before use - CVE-2026-22796...

5.3CVSS6.6AI score0.00502EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.6 views

EulerOS 2.0 SP13 : haproxy (EulerOS-SA-2026-1211)

According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON...

7.5CVSS7.1AI score0.00524EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/27 3:52 p.m.10 views

CVE-2026-22796

A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service DoS by providing specially crafted PKCS7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1TYPE union...

5.9CVSS5.8AI score0.00502EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/01/23 2:47 a.m.7 views

CVE-2025-11002

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on...

7.8CVSS8AI score0.00517EPSS
Exploits1
CNNVD
CNNVD
added 2026/01/17 12:0 a.m.7 views

Absolute Secure Access security vulnerability

Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for both mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.20 contained a security vulnerability that could cause server crashes if...

7.5CVSS5.8AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001076)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001076 advisory. The sctpsfootb function in net/sctp/smstatefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to...

10CVSS6.6AI score0.09144EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000845 advisory. net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of...

7.1CVSS6.3AI score0.04881EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002268 advisory. net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of...

7.1CVSS6.3AI score0.04881EPSS
Exploits1References14
Rows per page
Query Builder