Lucene search
K

101 matches found

RedhatCVE
RedhatCVE
added 4 days ago6 views

CVE-2026-57451

A flaw in Vim allows an attacker to cause a Denial of Service DoS via an application crash. If a user opens a maliciously crafted undo file, an out-of-bounds read is triggered in the gettextprops function due to missing length validation on property counts. Mitigation Users are advised to avoid...

6.1CVSS5.8AI score0.00113EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check for struct nfctarget arrays While running with CONFIGFORTIFYSOURCE=y, syzkaller reported the following issue: memcpy: A field-spanning write was detected size 129 of the single field “target-sensfres” at...

7.1CVSS5.6AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use an array declaration instead of a char. Under CONFIGFORTIFYSOURCE, memcpy will check the size of the destination and source buffers. Defining kernelheadersdata as “char” would trigger this check. Since these address...

5.8AI score0.00191EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo structure has a flexible array member named options, which is protected by the countedbyoptionslen attribute. The compiler uses this information to...

5.5CVSS5.6AI score0.00124EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an undefined behavior due to uninitialized stack access in ipvsprotocolinit. Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator...

5.5CVSS6.5AI score0.00224EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/12 2:32 a.m.13 views

SUSE CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

4.9CVSS5.7AI score0.00282EPSS
Exploits0References3
OSV
OSV
added 2026/06/09 2:16 p.m.9 views

DEBIAN-CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

4.9CVSS5.7AI score0.00282EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 2:16 p.m.12 views

CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

4.9CVSS0.00282EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 1:11 p.m.10 views

EUVD-2026-35423

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

4.9CVSS5.7AI score0.00282EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/06/03 12:0 a.m.12 views

samba security update

4.19.4-16.0.1 - s3: winbindd: winbinddpam: fix leak in extractpacvrfysigs Orabug: 36518285 - s3:passdb: Do not leak memory in pdbtdb Orabug: 36371377 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.19.4-16 - resolves: RHEL-156322 - Fix...

9.8CVSS5.8AI score0.12797EPSS
Exploits7
RedhatCVE
RedhatCVE
added 2026/05/28 6:39 p.m.14 views

CVE-2026-46149

A flaw was found in the Linux kernel's SCSI target subsystem. This vulnerability, a buffer overflow, occurs in the tgptgpmembersshow function when processing long iSCSI IQN names. An attacker could potentially exploit this by providing a specially crafted input, leading to the disclosure of...

7.1CVSS6AI score0.00139EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.16 views

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS0.00139EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.5 views

UBUNTU-CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS5.7AI score0.00139EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.36 views

CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS0.00139EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/22 2:19 a.m.10 views

SUSE CVE-2026-44071

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFYSOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection...

3.7CVSS6AI score0.00335EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/21 1:5 p.m.14 views

CVE-2026-44071

A flaw was found in Netatalk. This issue arises because the software is compiled without FORTIFYSOURCE, a security feature that provides built-in buffer overflow detection at runtime. A remote attacker could exploit this by triggering memory errors that would otherwise be safely handled, leading ...

3.7CVSS5.9AI score0.00335EPSS
Exploits0References2
NVD
NVD
added 2026/05/21 9:16 a.m.13 views

CVE-2026-44071

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFYSOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection...

3.7CVSS0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 8:14 a.m.38 views

CVE-2026-44071 FORTIFY_SOURCE disabled

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFYSOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection...

3.7CVSS0.00335EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 8:14 a.m.20 views

CVE-2026-44071

Netatalk versions 3.1.2 through 4.4.2 are compiled without FORTIFY_SOURCE, disabling built-in runtime buffer overflow detection. This may allow a remote attacker to cause a minor denial of service via memory errors that would otherwise be detected and terminated. No exploit details or patched ver...

3.7CVSS6AI score0.00335EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 8:14 a.m.8 views

CVE-2026-44071 FORTIFY_SOURCE disabled

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFYSOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection...

3.7CVSS6AI score0.00335EPSS
Exploits0References1
Rows per page
Query Builder