Lucene search
K

21 matches found

Cvelist
Cvelist
added 2026/06/25 6:14 p.m.30 views

CVE-2026-56790 CANBoat - Off-by-One Global Buffer Overflow in searchForPgn()

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or...

7.3CVSS0.00215EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52553

Name of the Vulnerable Software and Affected Versions CANBoat versions prior to 6.23 Description An off-by-one global buffer overflow exists in the searchForPgn function within the analyzer/pgn.c file. A remote attacker can trigger an out-of-bounds array access and cause a denial of service,...

7.3CVSS6.1AI score0.00215EPSS
Exploits0References8
NVD
NVD
added 2025/12/24 11:15 a.m.8 views

CVE-2023-54021

In the Linux kernel, the following vulnerability has been resolved: ext4: set goal start correctly in ext4mbnormalizerequest We need to set acgex to notify the goal start used in ext4mbfindbygoal. Set acgex instead of acfex in ext4mbnormalizerequest. Besides we should assure goal start is in rang...

0.00165EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.9 views

PT-2025-52978

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue was identified in the Linux kernel related to the ext4 filesystem. The problem involves incorrectly setting the goal start in the ext4 mb normalize request function. Specificall...

7.8CVSS6.4AI score0.00465EPSS
Exploits2References899
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989213)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989213 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of th...

7.8CVSS6.2AI score0.00255EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28256

Malicious code in bioql PyPI...

2.9CVSS6.4AI score0.00276EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2025/05/24 3:30 a.m.10 views

SCSIR has a Potential Unsound Issue in WriteSameCommand

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

9.8CVSS7AI score0.00276EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/05/24 3:30 a.m.3 views

GHSA-CM3G-QM4H-XM6M SCSIR has a Potential Unsound Issue in WriteSameCommand

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

2.9CVSS7.3AI score0.00276EPSS
Exploits1References4
OSV
OSV
added 2025/05/24 3:15 a.m.5 views

CVE-2025-48756

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

9.8CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2025/05/24 3:15 a.m.13 views

CVE-2025-48756

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

9.8CVSS0.00276EPSS
Exploits1References2
CVE
CVE
added 2025/05/24 12:0 a.m.54 views

CVE-2025-48756

The CVE-2025-48756 entry concerns the scsir crate (Rust) version 0.2.0, where the function group_number can overflow when a hardware device expects a small number of bits (for example 5) to represent the group number. This is the stated root cause and aligns with the NVD description. The availabl...

9.8CVSS7.2AI score0.00276EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/05/24 12:0 a.m.5 views

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation in the United States. A security vulnerability exists in Rust that stems from a possible overflow in groupnumber, where a hardware device may expect a small number of bits to be used to represent a group number...

2.9CVSS6.6AI score0.00276EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/05/24 12:0 a.m.14 views

CVE-2025-48756

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

2.9CVSS0.00276EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/05/24 12:0 a.m.4 views

PT-2025-22833

Name of the Vulnerable Software and Affected Versions scsir crate version 0.2.0 Description The issue arises from an overflow in the group number due to a potential mismatch between the expected number of bits by a hardware device, typically a small number such as 5 bits, and the actual value...

9.8CVSS5.9AI score0.00276EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2025/05/24 12:0 a.m.8 views

CVE-2025-48756

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

2.9CVSS7.2AI score0.00276EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.7 views

kernel: ext4: allow ext4_get_group_info() to fail

In the Linux kernel, the following vulnerability has been resolved: ext4: allow ext4getgroupinfo to fail Previously, ext4getgroupinfo would treat an invalid group number as BUG, since in theory it should never happen. However, if a malicious attaker or fuzzer modifies the superblock via the block...

5.5CVSS6.8AI score0.00145EPSS
Exploits0References5
OSV
OSV
added 2024/05/21 4:15 p.m.1 views

DEBIAN-CVE-2023-52805

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. Added the check which is required...

7.8CVSS5.4AI score0.00255EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/03/25 12:0 a.m.39 views

Firebird Relational Database CNCT Group Number Buffer Overflow Vulnerability (Windows)

This host is running Firebird server and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbfirebirdcnctnumbofvulnwin.nasl 7552 2017-10-24 13:00:36Z cfischer $ Firebird Relational Database CNCT Group Number Buffer Overflow Vulnerability Windows Authors: Antu Sanadi...

6.8CVSS0.2AI score0.42166EPSS
Exploits6References4
0day.today
0day.today
added 2013/03/09 12:0 a.m.71 views

Firebird Relational Database CNCT Group Number Buffer Overflow

This Metasploit module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly, following the controlled read, the pointer is called resulting in code execution. The...

6.8CVSS0.2AI score0.42166EPSS
Exploits6
Packet Storm
Packet Storm
added 2013/03/08 12:0 a.m.31 views

Firebird Relational Database CNCT Group Number Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Firebird Relational Database CNCT Gro...

6.8CVSS0.8AI score0.42166EPSS
Exploits6
Rows per page
Query Builder