Lucene search
K

14 matches found

SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.11 views

SUSE CVE-2026-48111

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parserCPP/7zip/Archive/UefiHandler.cpp. The function validates an attacker-controlled opco...

3.3CVSS5.4AI score0.00225EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/08 7:59 p.m.9 views

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/05 4:9 p.m.43 views

CVE-2026-48111 GHSL-2026-121 7-Zip UEFI DEPEX OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parserCPP/7zip/Archive/UefiHandler.cpp. The function validates an attacker-controlled opco...

4.3CVSS0.00225EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux

A out-of-bounds memory read flaw was discovered in the Qualcomm IPC router protocol within the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, resulting in a system crash or the leakage of internal kernel information. The greatest threat posed ...

7.1CVSS6.7AI score0.0072EPSS
Exploits1References2
OSV
OSV
added 2026/04/12 7:16 p.m.6 views

UBUNTU-CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/09 3:3 p.m.2 views

CVE-2025-14551 Senstive information disclosure was affecting subiquity

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs...

6.9CVSS5.8AI score0.00278EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/01/19 3:14 a.m.7 views

kernel: smb: client: Fix use-after-free in cifs_fill_dirent

A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...

7CVSS5.8AI score0.00181EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/20 12:31 p.m.10 views

kernel: OOB Access in smb2_dump_detail

An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

7.1CVSS7.2AI score0.0043EPSS
Exploits1References5
OSV
OSV
added 2023/12/08 5:15 p.m.3 views

UBUNTU-CVE-2023-6606

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

7.1CVSS6.6AI score0.00526EPSS
Exploits1References20
OSV
OSV
added 2023/11/30 10:15 p.m.6 views

CVE-2023-5908

KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information...

9.1CVSS6.1AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/06/09 2:32 a.m.7 views

SUSE CVE-2023-3141

A use-after-free flaw was found in r592remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak...

6.1CVSS6.1AI score0.00437EPSS
Exploits0References26
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.5 views

SUSE CVE-2017-7813

Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This...

8.2CVSS8.6AI score0.01617EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2022/08/03 7:0 a.m.6 views

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

...

7.1CVSS7.3AI score0.00304EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/03/31 8:15 p.m.8 views

ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled

A heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on the range of intensity values in its local neighborhood due to a width of zero mishandle error. Applications compiled against ImageMagick libraries that accept...

8.8CVSS5.9AI score0.03133EPSS
Exploits1References4
Rows per page
Query Builder