Lucene search
K

107 matches found

EUVD
EUVD
added 2026/04/06 6:33 p.m.5 views

EUVD-2025-209231

Cryptographic issue while copying data to a destination buffer without validating its size...

7.1CVSS6AI score0.00095EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/03/03 12:40 p.m.5 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...

7.7CVSS6.1AI score0.00756EPSS
Exploits6References24
OSV
OSV
added 2026/03/03 12:40 p.m.4 views

SUSE-SU-2026:0761-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. - CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. - CVE-2026-23533: improper validation can lead to heap buffer overflow in...

9.8CVSS6.1AI score0.00756EPSS
Exploits6References13
RedhatCVE
RedhatCVE
added 2026/01/15 12:24 a.m.8 views

CVE-2025-71070

A reference count leak flaw was found in the Linux kernel's ublk userspace block driver subsystem. When a ublk server process exits while requests are still pending, the reference counts for those requests are not properly decremented. This leads to WARNONONCE warnings and could potentially allow...

3.3CVSS5.3AI score0.00155EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/14 12:26 a.m.7 views

SUSE CVE-2025-71070

In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...

6.4AI score0.00155EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.5 views

CVE-2025-71070

In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...

5.8AI score0.00155EPSS
Exploits0References10
OSV
OSV
added 2026/01/13 4:16 p.m.5 views

UBUNTU-CVE-2025-71070

In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...

5.7AI score0.00155EPSS
Exploits0References11
OSV
OSV
added 2026/01/13 3:31 p.m.6 views

CVE-2025-71070 ublk: clean up user copy references on ublk server exit

In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...

6.3AI score0.00155EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2591

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ublk subsystem related to reference counting of user copy operations. Specifically, when a ublk server process releases a ublk character device file,...

7.8CVSS6.6AI score0.00186EPSS
Exploits0References166
RedhatCVE
RedhatCVE
added 2026/01/09 10:34 a.m.5 views

CVE-2017-18411

The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account SEC-285...

6.8CVSS6.8AI score0.00884EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:30 a.m.7 views

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register...

7.8CVSS7.2AI score0.00109EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 3:30 p.m.3 views

EUVD-2022-55920

In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musbgadget.c rxstate overflow bug The usb function device call musbgadgetqueue adds the passed request to musbep::reqlist,If the request-length musbep-packetsz and isbuffermappedreq return false,the rxstate will co...

6.2AI score0.00196EPSS
Exploits0References10
NVD
NVD
added 2025/12/30 1:16 p.m.6 views

CVE-2023-54286

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the...

0.00177EPSS
Exploits0References8
NVD
NVD
added 2025/10/04 4:15 p.m.10 views

CVE-2023-53582

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strreplace in...

5.5CVSS0.00146EPSS
Exploits0References7
OSV
OSV
added 2025/10/04 4:15 p.m.3 views

UBUNTU-CVE-2023-53582

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strreplace in...

5.5CVSS6AI score0.00146EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/08/24 4:7 p.m.4 views

CVE-2025-38662

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...

5.5CVSS6.3AI score0.00151EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/08/08 11:40 p.m.6 views

SUSE CVE-2020-26241

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...

7.1CVSS6.8AI score0.01081EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/08/04 4:35 p.m.3 views

xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing f...

7.8CVSS5.9AI score0.0062EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: scsi: ufs: core: bsg: Fixed a crash that occurs when the arpmb command fails. If the device does not support arpmb, a crash will occur due to the copying of user data in bsgtransportsgiofn. In cases where...

5.5CVSS6.5AI score0.00189EPSS
Exploits0References3
Snyk
Snyk
added 2025/05/29 10:36 p.m.3 views

Arbitrary File Upload

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Arbitrary File Upload through the shutil.copy operation in the FileData.copytodir method. An attacker can disrupt server operations by copying large ...

7.5CVSS7AI score0.0061EPSS
Exploits1References2
Rows per page
Query Builder