Lucene search
K

29 matches found

osv
osv
added 2026/04/25 8:50 a.m.8 views

CLSA-2026-1776878817 squid: Fix of 13 CVEs

CVE-2018-1000027: fix NULL pointer dereference in clientFollowXForwardedForCheck for transactions without a client connection - CVE-2018-19131: fix XSS via X.509 certificate fields rendered unescaped in SSL error pages - CVE-2019-12520: prevent cache poisoning by suppressing URL userinfo from...

9.8CVSS6.8AI score0.74477EPSS
Exploits2References1
susecve
susecve
added 2026/04/25 1:36 a.m.7 views

SUSE CVE-2026-31664

In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in buildpolexpire buildexpire clears the trailing padding bytes of struct xfrmuserexpire after setting the hard field via memsetafter, but the analogous function buildpolexpire does not do this for...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References12
nvd
nvd
added 2026/04/24 3:16 p.m.4 views

CVE-2026-31612

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength in smb2getea smb2getea reads eareq-EaNameLength from the client request and passes it directly to strncmp as the comparison length without verifying that the length of the name really is the size of t...

7.5CVSS0.00415EPSS
Exploits0References7
osv
osv
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

7.1CVSS5.2AI score0.00126EPSS
Exploits0References1
cvelist
cvelist
added 2026/04/24 2:42 p.m.31 views

CVE-2026-31614 smb: client: fix off-by-8 bounds check in check_wsl_eas()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

0.00126EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/04/24 2:42 p.m.4 views

CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

7.1CVSS5.2AI score0.00126EPSS
Exploits0References7Affected Software1
cve
cve
added 2026/04/24 2:42 p.m.21 views

CVE-2026-31612

The CVE-2026-31612 entry concerns ksmbd in the Linux kernel. The vulnerability arises in smb2_get_ea(): the code reads EaNameLength from the client request and passes it directly to strncmp() as the comparison length without validating that the name length matches the input buffer size. The publi...

7.5CVSS5.4AI score0.00415EPSS
Exploits0References7Affected Software1
alpinelinux
alpinelinux
added 2026/04/09 2:41 p.m.3 views

CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References6
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-37238

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00324EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 2:2 a.m.8 views

CVE-2023-33049

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage...

7.5CVSS7AI score0.00324EPSS
Exploits0References1
amazon
amazon
added 2025/03/06 12:0 a.m.12 views

Medium: php8.2

Issue Overview: The upstream advisory describes this issue as follows: A memory-related vulnerability in PHP's filter handling system, particularly when processing input with convert.quoted-printable-decode filters, leads to a segmentation fault. This vulnerability is triggered through specific...

9.8CVSS8.4AI score0.02286EPSS
Exploits6
attackerkb
attackerkb
added 2024/07/02 7:15 p.m.2 views

CVE-2022-25479

Vulnerability in Realtek RtsPer driver for PCIe Card Reader RtsPer.sys before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader RtsUer.sys before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap...

6.1CVSS5.3AI score0.00631EPSS
Exploits1References5
nvd
nvd
added 2024/02/06 6:15 a.m.30 views

CVE-2023-33049

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage...

7.5CVSS7.5AI score0.00324EPSS
Exploits0References1
prion
prion
added 2024/02/06 6:15 a.m.27 views

Heap overflow

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage...

5CVSS7.2AI score0.00324EPSS
Exploits0References1
cvelist
cvelist
added 2024/02/06 5:46 a.m.30 views

CVE-2023-33049 Improper Release of Memory Before Removing Last Reference in Multi-Mode Call Processor

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage...

7.5CVSS7.7AI score0.00324EPSS
Exploits0References1
cve
cve
added 2024/02/06 5:46 a.m.89 views

CVE-2023-33049

CVE-2023-33049 is described across multiple connected records as a transient DoS in the Qualcomm Multi‑Mode Call Processor caused by a heap leakage/ improper memory release, leading to UE failure. The vulnerability is associated with Qualcomm closed‑source components; CVSSv3.1 flags a network att...

7.5CVSS7.5AI score0.00324EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2024/02/06 12:0 a.m.7 views

PT-2024-12384 · Unknown · Multi-Mode Call Processor

Name of the Vulnerable Software and Affected Versions: Multi-Mode Call Processor affected versions not specified Description: The issue is related to a Transient Denial of Service DOS in the Multi-Mode Call Processor. This occurs due to a UE failure caused by heap leakage. Recommendations: At the...

7.5CVSS6.8AI score0.00324EPSS
Exploits0References4
nvd
nvd
added 2023/03/27 10:15 p.m.21 views

CVE-2023-0179

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution...

7.8CVSS8.3AI score0.01944EPSS
Exploits5References4
osv
osv
added 2023/03/27 10:15 p.m.5 views

AZL-25932 CVE-2023-0179 affecting package kernel for versions less than 5.15.107.1-2

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution...

7.8CVSS7.2AI score0.01944EPSS
Exploits5References1
osv
osv
added 2022/05/10 8:15 p.m.1 views

DEBIAN-CVE-2022-20008

In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for...

4.6CVSS6.4AI score0.00361EPSS
Exploits0References1
Rows per page
Query Builder