Lucene search
+L

4 matches found

cve
cve
added 2026/06/05 3:17 p.m.34 views

CVE-2026-48101

The CVE-2026-48101 entry concerns 7-Zip (versions 9.21–26.00) with an uninitialized heap memory disclosure in the UEFI capsule (.scap) parser. The OpenCapsule function allocates a heap buffer sized by attacker-supplied CapsuleImageSize (up to 1 GiB) without zero-initialization, then fills it via ...

6.5CVSS5.7AI score0.00277EPSS
Exploits1References1Affected Software1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A issue was discovered in the Linux kernel through version 5.19.8. In the file drivers/firmware/efi/capsule-loader.c, there is a race condition that leads to a use-after-free situation...

4.7CVSS6.6AI score0.00199EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/21 12:0 a.m.14 views

PT-2026-46970

Name of the Vulnerable Software and Affected Versions 7-Zip versions 9.21 through 26.00 Description An uninitialized memory disclosure exists in the UEFI capsule .scap parser. The OpenCapsule function allocates a heap buffer based on an attacker-declared CapsuleImageSize up to 1 GiB without...

7.8CVSS5.6AI score0.00277EPSS
Exploits1References33
osv
osv
added 2023/01/10 8:10 p.m.17 views

USN-5791-3 linux-azure-5.4, linux-azure-fde vulnerabilities

It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-20421 David Leadbeater...

7.8CVSS7AI score0.01429EPSS
Exploits3References12
Rows per page
Query Builder