
24 matches found

OSV
added 2026/06/17 2:45 p.m., 5 views

SUSE-SU-2026:2438-1 Security update for alloy

This update for alloy fixes the following issues Security issues: - CVE-2026-4427: github.com/jackc/pgproto3/v2: improper validation of field length allows a malicious PostgreSQL server to crash a client application via a DataRow message bsc1259919. - CVE-2026-25934: github.com/go-git/go-git/v5:...

CVSS 9.1 | AI score 6.5 | EPSS 0.01557
Exploits: 1 | References: 13
CVE
added 2026/05/01 2:15 p.m., 15 views

CVE-2026-43032

CVE-2026-43032 affects the Linux kernel NFC pn533/pn532 UART receive path. The root cause is that pn532_receive_buf() appends incoming bytes to dev->recv_skb and only clears the partial frame when a complete PN532 frame header is recognized, allowing a continuous invalid stream to grow the skb...

CVSS 5.5 | AI score 5.9 | EPSS 0.00123
Exploits: 0 | References: 8 | Affected Software: 1
OSV
added 2026/03/25 7:36 p.m., 3 views

CVE-2026-27889 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...

CVSS 7.5 | AI score 6.4 | EPSS 0.00582
Exploits: 0 | References: 4
OSV
added 2026/03/25 5:7 p.m., 4 views

GHSA-PQ2Q-RCW4-3HR6 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead

Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. When using WebSockets, a malicious client can trigger a server crash with crafted frames, before authentication. Problem Description A missi...

CVSS 7.5 | AI score 6.2 | EPSS 0.00582
Exploits: 0 | References: 4
OSV
added 2026/03/06 7:16 a.m., 5 views

ALPINE-CVE-2026-29068

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload containing more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

CVSS 7.5 | AI score 5.6 | EPSS 0.00314
Exploits: 0 | References: 1
OSV
added 2025/12/22 10:16 p.m., 3 views

UBUNTU-CVE-2025-34457

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kissrecbyte located in src/kissframe.c. When processing crafted KISS frames that reach the maximum allowed frame length MAXKISSLEN, the function...

CVSS 8.7 | AI score 6.2 | EPSS 0.00468
Exploits: 0 | References: 6
OSV
added 2025/10/06 8:15 a.m., 2 views

UBUNTU-CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

CVSS 5.7 | AI score 6 | EPSS 0.00149
Exploits: 0 | References: 3
OSV
added 2025/06/25 6:15 p.m., 7 views

CVE-2025-5828

Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to...

CVSS 6.8 | AI score 6.3 | EPSS 0.00295
Exploits: 0 | References: 1
CNNVD
added 2024/05/01 12:0 a.m., 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from exceeding the maximum value of a stack frame...

CVSS 7.8 | AI score 6.5 | EPSS 0.0033
Exploits: 0 | References: 11
RedHat Linux
added 2024/01/25 9:43 a.m., 4 views

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

CVSS 7.5 | AI score 6.7 | EPSS 0.00544
Exploits: 0 | References: 5
RedHat Linux
added 2023/12/12 10:58 a.m., 4 views

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

CVSS 7.5 | AI score 6.7 | EPSS 0.00544
Exploits: 0 | References: 5
OSV
added 2023/08/09 3:30 p.m., 3 views

GHSA-496J-2RQ6-J6CC Excessive Iteration in gRPC

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVSS 7.5 | AI score 7.2 | EPSS 0.00412
Exploits: 0 | References: 5
OSV
added 2023/08/09 1:15 p.m., 7 views

AZL-27911 CVE-2023-33953 affecting package grpc 1.42.0-11

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVSS 7.5 | AI score 7.2 | EPSS 0.00412
Exploits: 0 | References: 1
OSV
added 2023/08/09 1:15 p.m., 1 views

DEBIAN-CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVSS 7.5 | AI score 7.8 | EPSS 0.00412
Exploits: 0 | References: 1
OSV
added 2023/08/09 1:15 p.m., 2 views

UBUNTU-CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVSS 7.5 | AI score 7.2 | EPSS 0.00412
Exploits: 0 | References: 3
SUSE CVE
added 2023/03/28 1:50 a.m., 4 views

SUSE CVE-2023-25667

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVSS 7.5 | AI score 7.2 | EPSS 0.00305
Exploits: 0 | References: 3
OSV
added 2023/03/25 12:15 a.m., 8 views

AZL-35312 CVE-2023-25667 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

CVSS 7.5 | AI score 6.7 | EPSS 0.00305
Exploits: 0 | References: 1
SUSE CVE
added 2023/02/15 6:11 a.m., 6 views

SUSE CVE-2007-2893

Heap-based buffer overflow in the bxne2kc::rxframe function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register...

CVSS 7.2 | AI score 7.5 | EPSS 0.00461
Exploits: 0 | References: 3
OSV
added 2022/07/24 7:15 p.m., 2 views

UBUNTU-CVE-2021-46829

GNOME GdkPixbuf aka GDK-PixBuf before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c compositeframe. This overflow is controllable and could be abused for code execution, especially on 32-bit systems...

CVSS 7.8 | AI score 7.4 | EPSS 0.00748
Exploits: 1 | References: 6
OpenVAS
added 2021/06/09 12:0 a.m., 23 views

SUSE: Security Advisory (SUSE-SU-2014:0760-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.7 | EPSS 0.04154
Exploits: 2 | References: 2