Lucene search
K

294 matches found

RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.4 views

netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder

A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted LZ4 compressed data stream. This can cause the Lz4FrameDecoder to allocate a large amount of memory up to 32 MB per block before...

7.5CVSS5.9AI score0.00429EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55477

Name of the Vulnerable Software and Affected Versions Algernon version 1.17.8 Description On Windows hosts using the NTFS filesystem, an unauthenticated client can retrieve the raw source code of server-side scripts such as .lua, .tl, .po2, .amber, or .frm located on public paths. This occurs...

8.7CVSS6.1AI score0.00077EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 12:0 a.m.16 views

MAL-2026-6695 Malicious code in ts-bn-proto (npm)

Malicious npm package published as part of a coordinated DeFi-themed infostealer campaign. ts-bn-proto embeds an infostealer payload directly in index.js with a base64-encoded C2 address data-stream.space, executed at install time via a postinstall hook. The payload harvests cryptocurrency wallet...

6.3AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 6:4 a.m.7 views

Malicious code in poly-kelly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d3df5266b6e9d9347844e4e054ab744aad9517c6f55df4e68e6c6815e843da7 On npm install, the package's postinstall script reads the homepage field from package.json set to...

5.9AI score
Exploits0References5
Cvelist
Cvelist
added 2026/06/28 1:32 a.m.39 views

CVE-2026-58052 7-Zip - Mark-of-the-Web Bypass via RAR5 Alternate Data Stream Name Collision

7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the exact name 'Zone.Identifier' while a RAR5 STM record named ':Zone.Identifier:$DATA' is not matched...

4.8CVSS0.00119EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 4:11 p.m.7 views

MAL-2026-6317 Malicious code in ts-bn-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e591f0b407bc22e3abe20da9207df2d2922f75d98ab97aaa62557ca88b8fc349 [email protected] is a credential harvester disguised as a TypeScript/lint utility. index.js defines decodeStr which base64-decodes all operationally...

5.9AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 4:10 p.m.32 views

CVE-2026-53571 Vite: `server.fs.deny` bypass on Windows alternate paths

Vite is a frontend tooling framework for JavaScript. Prior to 8.0.16, 7.3.5, and 6.4.3, the contents of files that are specified by server.fs.deny can be returned to the browser on Windows. Vite’s dev server denies direct access to sensitive files through server.fs.deny, including entries such as...

8.2CVSS0.00393EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49574

Name of the Vulnerable Software and Affected Versions Vite versions prior to 8.0.16 Vite versions prior to 7.3.5 Vite versions prior to 6.4.3 Description On Windows, the development server fails to correctly normalize NTFS Alternate Data Streams ADS path forms and 8.3 short name compatibility pat...

8.2CVSS5.8AI score0.00393EPSS
Exploits2References7
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-47112

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj jp2 read header may lead to OOB heap memory write when the data stream p stream is too short and p image is not initialized...

7.5CVSS5.5AI score
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes during DSC validation. Starting with the commit 17ce8a6907f7 drm/amd/display: Add dsc pre-validation in atomic check, amdgpu resets the modeChanged flag to false when recomputin...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References1
Mageia
Mageia
added 2026/05/16 6:17 a.m.16 views

Updated dpkg packages fix security vulnerabilities

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/07 2:21 a.m.19 views

SUSE CVE-2026-31747

In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 2:14 p.m.11 views

EUVD-2026-26561

In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...

5.8AI score0.00129EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36383

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overrun can occur in the me2600 xilinx download function when loading firmware requested by request firmware. The function reads a data stream length into the file length variab...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.17 views

PT-2026-36002

Name of the Vulnerable Software and Affected Versions B1 Free Archiver version 1.5.86 Description An issue exists where files extracted from downloaded archives bypass Windows Mark of the Web MotW protections. The software fails to propagate the Zone.Identifier alternate data stream—a mechanism...

5.5AI score0.00334EPSS
Exploits0References4
CVE
CVE
added 2026/04/24 5:58 p.m.46 views

CVE-2026-42037

Axios 1.0.0–1.15.0/1.15.0x suffer a CRLF injection in the FormDataPart constructor (lib/helpers/formDataToStream.js) where value.type is interpolated into multipart part Content-Type headers without CRLF sanitization. An attacker controlling the .type of a Blob/File-like object can inject arbitra...

5.3CVSS5.6AI score0.0024EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/24 4:34 p.m.4 views

CVE-2026-31537

A flaw was found in the Linux kernel's Server Message Block SMB server. An attacker could exploit this vulnerability by triggering an immediate empty send operation, which would corrupt the stream of reassembled data transfer messages. This corruption could lead to data integrity issues or...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/24 2:30 p.m.7 views

EUVD-2026-25430

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

5.5AI score0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/24 2:30 p.m.35 views

CVE-2026-31537 smb: server: make use of smbdirect_socket.send_io.bcredits

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

0.00121EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.12 views

PT-2026-34889

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the SMB server implementation causes corruption of the stream of reassembled data transfer messages when an immediate empty send is triggered. This occurs due to the improper...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References15
Rows per page
Query Builder