Lucene search
K

1463 matches found

RedHat Linux
RedHat Linux
added 3 days ago6 views

Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update

An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

7.8CVSS6.8AI score0.00165EPSS
Exploits0References10
Cvelist
Cvelist
added 6 days ago28 views

CVE-2026-59162 Excelize: Negative shared-string index causes panic in GetCellValue and GetRows

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, Excelize parses shared-string cell values with strconv.Atoi and checks only the upper bound before indexing the shared string slice, allowing an XLSX file containing a shared-string cell with ...

6.9CVSS0.00524EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/01 11:30 a.m.5 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS6.7AI score0.00643EPSS
Exploits1References8
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:11 a.m.3 views

KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic

...

7.1CVSS6.1AI score0.00131EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.4 views

CVE-2026-52968

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine subsystem, specifically affecting s390 PCI devices. This vulnerability arises from incorrect pointer arithmetic during the indexing of the Guest Access Instruction Table GAIT, leading to out-of-bounds memory access. A local...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/25 2:31 p.m.6 views

CVE-2026-57235

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then...

8.2CVSS5.8AI score0.00331EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.6 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 11:0 a.m.4 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS6.7AI score0.00643EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52447

Name of the Vulnerable Software and Affected Versions Nokogiri versions prior to 1.19.4 Description Nokogiri is an open source XML and HTML library for the Ruby programming language. The Nokogiri::XML::NodeSet function and its alias slice performs a bounds check on the requested index using a...

8.2CVSS5.7AI score0.00331EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/06/25 12:0 a.m.8 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS6.1AI score0.00165EPSS
Exploits0References20
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38836

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

5.7AI score0.00131EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-52968

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

7.1CVSS0.00131EPSS
Exploits0References6
OSV
OSV
added 2026/06/24 4:28 p.m.3 views

CVE-2026-52968 KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52968

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

5.7AI score0.00131EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: tpm2-sessions: Fixed an out-of-range indexing issue in namesize. namesize does not have any range checks; it simply indexes using TPMALGID, which could lead to memory corruption in extreme cases. The issue is addressed by only...

6.4AI score0.00166EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/22 2:43 a.m.5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References7
OSV
OSV
added 2026/06/19 12:3 a.m.10 views

RLSA-2026:26610 Important: xorg-x11-server security, bug fix, and enhancement update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution du...

7.8CVSS5.7AI score0.00165EPSS
Exploits0References10
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

FreeType Contour Boundary Validation Utility

This is a FreeType contour boundary validation utility for detecting indexing and integer-limit risks. It implements a validation routine for detecting unsafe contour metadata conditions by evaluating contour counts and index boundaries against expected limits...

5.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/11 1:40 p.m.10 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS7AI score0.00643EPSS
Exploits1References8
Redos
Redos
added 2026/06/11 12:0 a.m.9 views

ROS-20260611-73-0001

The vulnerability of the URBDRC RDP-client-freeRDP device lies in unvalidated array indexing. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

9.1CVSS6AI score0.00756EPSS
Exploits1
Rows per page
Query Builder