Lucene search
+L

307 matches found

OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31612

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength in smb2getea smb2getea reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length without verifying that the length of the name really is the size of t...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31612

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength in smb2getea smb2getea reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length without verifying that the length of the name really is the size of t...

7.5CVSS0.00415EPSS
Exploits0References7
OSV
OSV
added 2026/04/24 2:42 p.m.2 views

CVE-2026-31614 smb: client: fix off-by-8 bounds check in check_wsl_eas()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

7.1CVSS6.2AI score0.00126EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.35 views

CVE-2026-31612 ksmbd: validate EaNameLength in smb2_get_ea()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength in smb2getea smb2getea reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length without verifying that the length of the name really is the size of t...

7.5CVSS0.00415EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:42 p.m.4 views

CVE-2026-31612

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength in smb2getea smb2getea reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length without verifying that the length of the name really is the size of t...

7.5CVSS5.5AI score0.00415EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.22 views

PT-2026-34964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, the smb2 get ea function reads the EaNameLength variable from a client request and passes it to strncmp as the comparison length without verifying if the name length...

9.8CVSS5.2AI score0.00525EPSS
Exploits0References351
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013469)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013469 advisory. An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds re...

7.1CVSS5.8AI score0.00545EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013702)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013702 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while i...

5.5AI score0.00177EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010745)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010745 advisory. An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds re...

7.1CVSS6.7AI score0.00545EPSS
Exploits1References3
NVD
NVD
added 2026/03/27 2:16 p.m.4 views

CVE-2026-32695

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...

7.7CVSS0.00463EPSS
Exploits1References7
OSV
OSV
added 2026/03/27 1:47 p.m.6 views

CVE-2026-32695 Traefik has Knative Ingress Rule Injection that Allows Host Restriction Bypass

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...

6.3CVSS5.9AI score0.00463EPSS
Exploits1References9
OSV
OSV
added 2026/03/20 3:43 p.m.7 views

GHSA-G3HG-J4JV-CWFR Traefik Affected by BasicAuth Middleware Timing Attack Allows Username Enumeration

Summary There is a potential vulnerability in Traefik's BasicAuth middleware that allows username enumeration via a timing attack. When a submitted username exists, the middleware performs a bcrypt password comparison taking 166ms. When the username does not exist, the response returns immediatel...

6.3CVSS5.9AI score0.00385EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/03/20 10:1 a.m.5 views

CVE-2026-32305

Traefik is an HTTP reverse proxy and load balancer. Versions 2.11.40 and below, 3.0.0-beta1 through 3.6.11, and 3.7.0-ea.1 are vulnerable to mTLS bypass through the TLS SNI pre-sniffing logic related to fragmented ClientHello packets. When a TLS ClientHello is fragmented across multiple records,...

7.8CVSS5.8AI score0.00405EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/15 12:25 a.m.5 views

SUSE CVE-2025-68806

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

6.7AI score0.00168EPSS
Exploits0References3
OSV
OSV
added 2026/01/13 4:16 p.m.6 views

AZL-74312 CVE-2025-68806 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

5.7AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 4:16 p.m.10 views

UBUNTU-CVE-2025-68806

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

5.8AI score0.00168EPSS
Exploits0References28
CVE
CVE
added 2026/01/13 3:29 p.m.23 views

CVE-2025-68806

CVE-2025-68806 affects the Linux kernel ksmbd’s handling of Extended Attributes (EA). The root cause is a buffer validation flaw in smb2_set_ea where the null terminator’s size (+1) was not included in EaNameLength, leading to incorrect buffer size checks. The patch fixes validation by adding +1 ...

6.2AI score0.00168EPSS
Exploits0References5
OSV
OSV
added 2026/01/13 3:29 p.m.4 views

CVE-2025-68806 ksmbd: fix buffer validation by including null terminator size in EA length

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

6.5AI score0.00168EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.11 views

CVE-2022-26147

The Quectel RG502Q-EA modem before 2022-02-23 allow OS Command Injection...

10CVSS7.1AI score0.02548EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/12/31 12:26 a.m.5 views

SUSE CVE-2023-54305

In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access sroot while it is already set as NULL when umount is triggered. Refuse this request to avoid panic...

5.5CVSS6.5AI score0.00177EPSS
Exploits0References7
Rows per page
Query Builder