Lucene search
K

7 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When UpdateRegExpStatics attempted to access initialStringHeap, it might have already been garbage collected before entering the function. This could potentially lead to a exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

6.5CVSS6.8AI score0.00554EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 5:6 p.m.13 views

CVE-2026-48984

pam_usb for Linux (affected: v0.9.1 and earlier) has a memory handling flaw where xfree() frees buffers without zeroing contents, potentially leaving sensitive data (including one-time pad bytes) in freed heap memory. On systems with use-after-free or heap inspection capabilities, this could perm...

4.7CVSS5.6AI score0.00109EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 5:6 p.m.17 views

CVE-2026-48984 pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS0.00109EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/16 3:54 p.m.5 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.5AI score0.01052EPSS
Exploits1References10
Microsoft CVE
Microsoft CVE
added 2026/06/07 8:2 a.m.9 views

HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

...

7.5CVSS5.4AI score0.0031EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/04 3:58 p.m.8 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS6.8AI score0.01052EPSS
Exploits1References10
Cvelist
Cvelist
added 2025/08/08 11:27 p.m.13 views

CVE-2025-46709 GPU DDK - Security fix for PP-171570 can lead to an uninitialised pointer dereference and memory leak

Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL pointer dereference kernel exception...

0.00312EPSS
Exploits0References1
Rows per page
Query Builder