385 matches found
CVE-2026-13149
The CVE-2026-13149 entry concerns the library brace-expansion up to version 5.0.6. The vulnerability is in the expand() function, which exhibits exponential-time complexity proportional to the number of consecutive non-expanding '{}' brace groups. This allows an attacker to craft input that cause...
PT-2026-52323
In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offloads ipip6 tunnel xmit caches the inner IPv6 header pointer at function entry and continues using it after iptunnel handle offloads. For GSO skbs, iptunnel handle offloads calls s...
Astra Linux – Vulnerability in Nasm
In Netwide Assembler NASM 2.15rc0, a heap-based buffer over-read occurs due to a malicious .asm file during the call to settextfree from expandonesmacro in asm/preproc.c...
Astra Linux – Vulnerability in node-brace-expansion
A vulnerability was discovered in the juliangruber brace-expansion library, up to versions 1.1.11/2.0.1/3.0.0/4.0.0. This issue has been identified as problematic. The affected function is the “expand” function of the file index.js. Manipulation of this function leads to inefficient use of regula...
JLSEC-2026-596
An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expandsmacro in modules/preprocs/nasm/nasm-pp.c...
JLSEC-2026-587
An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expandmmacparams in modules/preprocs/nasm/nasm-pp.c...
JLSEC-2026-595
An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expandmmacro in modules/preprocs/nasm/nasm-pp.c...
CVE-2026-41207
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
CVE-2026-41207
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
CVE-2026-41207 netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
netty-incubator-codec-ohttp 安全特征问题漏洞
netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.21.Final of netty-incubator-codec-ohttp contain a security vulnerability. This vulnerability arises from returning a non-empty value when HKDF-expand fails, which may lead to the use of a key wit...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
GHSA-F659-372H-6X3X netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures
HKDFexpand: returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a failure silently produces an all-zero key. When EVPHPKECTXexport fails it also returns an empty byte...
RXSA-2026:3488 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 kernel: Linux kernel: Denial of Servic...
CVE-2026-42199
Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked...
CVE-2026-42199
Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked...
CVE-2026-42199
Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked...
EUVD-2026-28834
Grid is a data structure grid for rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked...