Lucene search
+L

91 matches found

redhat
redhat
added 2026/07/06 3:20 a.m.9 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS7.1AI score0.00813EPSS
Exploits0References8
euvd
euvd
added 2026/05/07 9:30 p.m.24 views

EUVD-2026-28419

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

5.8AI score0.00813EPSS
Exploits0References5
nvd
nvd
added 2026/05/07 8:16 p.m.26 views

CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

7.5CVSS0.00813EPSS
Exploits0References38
attackerkb
attackerkb
added 2026/05/07 7:41 p.m.12 views

CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

5.8AI score0.00813EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2026/05/07 7:41 p.m.61 views

CVE-2026-33811 Crash when handling long CNAME response in net

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

0.00813EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/04/22 6:16 p.m.5 views

CVE-2026-31468

A flaw was found in the Linux kernel's vfio/pci dma-buf feature. An issue in the error handling of the vfiopcicorefeaturedmabuf function can lead to a double free of allocated memory. This can occur under specific conditions, such as file descriptor exhaustion, potentially causing system...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-12655

Malware in sbrugna...

7.5CVSS7.6AI score0.00745EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0839

Malware in sbrugna...

7.5CVSS6.2AI score0.02829EPSS
Exploits0References5
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-53409

Malicious code in bioql PyPI...

7.8CVSS7.3AI score0.00217EPSS
Exploits0References7
nessus
nessus
added 2025/08/12 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-5914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer...

7.8CVSS7.1AI score0.00326EPSS
Exploits2References2
debiancve
debiancve
added 2025/08/11 10:54 p.m.5 views

CVE-2025-55158

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typvalT management. Specifically, the cleartv...

8.8CVSS5.6AI score0.00351EPSS
Exploits0
vulnrichment
vulnrichment
added 2025/07/23 7:57 p.m.5 views

CVE-2025-8058

The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation...

5.9CVSS6.4AI score0.00158EPSS
Exploits0References2
nessus
nessus
added 2025/06/27 12:0 a.m.4 views

SUSE SLED15 / SLES15 Security Update : libwebp (SUSE-SU-2025:01639-2)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01639-2 advisory. - CVE-2016-9969: freeing of uninitialized memory pointer in SetFrame of AnimEncoder can lead to double free bsc1136199...

7.5CVSS7.3AI score0.01355EPSS
Exploits1References4
osv
osv
added 2025/06/16 12:0 p.m.4 views

RUSTSEC-2025-0044 Four unique double-free vulnerabilities triggered via safe APIs

The crate slice-ring-buffer was developed as a fork of slice-deque to continue maintenance and provide security patches, since the latter has been officially unmaintained RUSTSEC-2020-0158. While slice-ring-buffer has addressed some previously reported memory safety issues inherited from its fork...

7.9AI score
Exploits0References3
alpinelinux
alpinelinux
added 2025/06/09 8:15 p.m.2 views

CVE-2025-5914

A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enablin...

9.8CVSS8.2AI score0.00326EPSS
Exploits2References27
cvelist
cvelist
added 2025/06/09 7:53 p.m.40 views

CVE-2025-5914 Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c

A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enablin...

7.8CVSS0.00326EPSS
Exploits2References32
vulnrichment
vulnrichment
added 2025/06/09 7:53 p.m.3 views

CVE-2025-5914 Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c

A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enablin...

7.8CVSS5AI score0.00326EPSS
Exploits2References32
osv
osv
added 2025/06/09 7:53 p.m.4 views

CVE-2025-5914 Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c

A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enablin...

7.8CVSS7AI score0.00326EPSS
Exploits2References38
cvelist
cvelist
added 2025/05/27 12:29 p.m.54 views

CVE-2025-5262

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...

0.00375EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/04/08 12:0 a.m.4 views

PT-2025-21128

Name of the Vulnerable Software and Affected Versions: crossbeam-channel affected versions not specified Description: The issue is related to a race condition in the internal Channel type's Drop method in the crossbeam-channel rust crate. This could lead to a double-free, resulting in memory...

6.5CVSS6.1AI score0.00484EPSS
Exploits0References49
Rows per page
Query Builder