Lucene search
K

232 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Qemu

An “off-by-one” error was detected in QEMU’s KVM Xen guest support. A malicious guest could exploit this flaw to trigger out-of-bounds heap accesses in the QEMU process through the emulated Xen physdev hypercall interface, resulting in a denial of service or potential memory corruption...

6.5CVSS7.1AI score0.00143EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 2:52 p.m.6 views

SUSE-SU-2026:21912-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

7.4CVSS6.9AI score0.00143EPSS
Exploits1References13
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.21 views

Canonical Ubuntu Linux 安全漏洞

Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux versions 6.8, 6.17, and 7.0 have security vulnerabilities. These vulnerabilities stem from an incorrect calculation of the internal buffer size, which may lead to out-of-bound...

7.8CVSS5.9AI score0.00107EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Blender

A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption, or potentially code execution...

7.8CVSS7.2AI score0.0113EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Qemu

A out-of-bounds heap buffer access issue was identified in the ARM Generic Interrupt Controller emulator of QEMU, as of and including qemu 4.2.0 on the aarch64 platform. The issue arises because, when writing an interrupt ID to the controller’s memory area, it is not masked to be 4 bits wide. Thi...

6CVSS6.7AI score0.00323EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 7:16 p.m.15 views

CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS0.00286EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.7 views

Open vSwitch 安全漏洞

Open vSwitch is a virtual switch developed as part of the Collaborative Project. There is a security vulnerability in Open vSwitch. This vulnerability arises when configuring conntrack streams that use FTP auxiliary programs. A remote attacker can send a specially crafted FTP stream, resulting in...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References2
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31570

In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgwcsumcrc8rel cgwcsumcrc8rel correctly computes bounds-safe indices via calcidx: int from = calcidxcrc8-fromidx, cf-len; int to = calcidxcrc8-toidx, cf-len; int res = calcidxcrc8-resultidx, cf-len...

8.8CVSS0.00262EPSS
Exploits0References8
OSV
OSV
added 2026/04/24 2:35 p.m.1 views

CVE-2026-31570 can: gw: fix OOB heap access in cgw_csum_crc8_rel()

In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgwcsumcrc8rel cgwcsumcrc8rel correctly computes bounds-safe indices via calcidx: int from = calcidxcrc8-fromidx, cf-len; int to = calcidxcrc8-toidx, cf-len; int res = calcidxcrc8-resultidx, cf-len...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/04/24 2:35 p.m.33 views

CVE-2026-31570 can: gw: fix OOB heap access in cgw_csum_crc8_rel()

In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgwcsumcrc8rel cgwcsumcrc8rel correctly computes bounds-safe indices via calcidx: int from = calcidxcrc8-fromidx, cf-len; int to = calcidxcrc8-toidx, cf-len; int res = calcidxcrc8-resultidx, cf-len...

8.8CVSS0.00262EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/24 2:35 p.m.7 views

EUVD-2026-25463

In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgwcsumcrc8rel cgwcsumcrc8rel correctly computes bounds-safe indices via calcidx: int from = calcidxcrc8-fromidx, cf-len; int to = calcidxcrc8-toidx, cf-len; int res = calcidxcrc8-resultidx, cf-len...

5.5AI score0.00262EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-34922

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds heap access exists in the cgw csum crc8 rel function. Although the function calculates bounds-safe indices using calc idx, it incorrectly uses raw signed 8-bit fields fo...

8.8CVSS5.3AI score0.00262EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-54041

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-19 Description An off-by-one error exists in morphology validation, which allows out-of-bounds heap buffer reads. An attacker can trigger a heap buffer overflow by providing incorrect morphology parameters,...

7.1CVSS6.2AI score0.00128EPSS
Exploits1References27
Vulnrichment
Vulnrichment
added 2026/04/09 6:45 p.m.2 views

CVE-2026-34971 Wasmtime miscompiled guest heap access enables sandbox escape on aarch64 Cranelift

Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...

9CVSS6AI score0.00319EPSS
Exploits0References1
RustSec
RustSec
added 2026/04/09 12:0 p.m.8 views

Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jhxm-h53p-jm7w For more information see the GitHub-hosted security advisory...

9CVSS5.9AI score0.00319EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/30 9:43 p.m.9 views

CVE-2026-33985 FreeRDP: ClearCodec Glyph Cache Count Desync - Heap OOB Read

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

5.9CVSS5.8AI score0.00205EPSS
Exploits0References2
NVD
NVD
added 2026/02/18 9:16 p.m.10 views

CVE-2026-0665

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...

6.5CVSS0.00143EPSS
Exploits0References2
OSV
OSV
added 2026/02/18 9:16 p.m.13 views

UBUNTU-CVE-2026-0665

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...

6.5CVSS5.8AI score0.00143EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.12 views

QEMU 安全漏洞

QEMU Quick Emulator is a simulation software for processors developed by Fabrice Bellard from France. This software features high speed and cross-platform capabilities. QEMU has a security vulnerability, which stems from a minor error in the KVM Xen client support. This error may lead to...

6.5CVSS7.1AI score0.00143EPSS
Exploits0References2
OSV
OSV
added 2026/02/13 1:15 p.m.8 views

OESA-2026-1352 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: An "off by one" bug has been discovered in QEMU's KVM Xen guest support. A malicious client could exploit this vulnerability to trigger an out-of-bounds heap access in the QEMU process vi...

6.5CVSS5.3AI score0.00143EPSS
Exploits0References2
Rows per page
Query Builder