Lucene search
K

1448 matches found

RedHat Linux
RedHat Linux
added 6 days ago4 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS6.7AI score0.00643EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.4 views

CVE-2026-52968

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine subsystem, specifically affecting s390 PCI devices. This vulnerability arises from incorrect pointer arithmetic during the indexing of the Guest Access Instruction Table GAIT, leading to out-of-bounds memory access. A local...

6.4CVSS5.8AI score0.0018EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 1:15 p.m.5 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 11:0 a.m.4 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS6.7AI score0.00643EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52447

Name of the Vulnerable Software and Affected Versions Nokogiri versions prior to 1.19.4 Description Nokogiri is an open source XML and HTML library for the Ruby programming language. The Nokogiri::XML::NodeSet function and its alias slice performs a bounds check on the requested index using a...

8.2CVSS5.7AI score0.00331EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/06/25 12:0 a.m.6 views

Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

7.8CVSS6.1AI score0.00165EPSS
Exploits0References20
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38836

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

5.7AI score0.0018EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.6 views

CVE-2026-52968

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic kvms390pciaifenable, kvms390pciaifdisable, and aenhostforward index the GAIT by manually multiplying the index with sizeofstruct zpcigaite. Since...

5.7AI score0.0018EPSS
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 2:43 a.m.3 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths256 indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

7.8CVSS6.3AI score0.00165EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fixed an issue where accessing an array was done outside the bounds of the enum value. Accessing enums using integers resulted in accessing an array outside its bounds on platforms like aarch64, where...

7.1CVSS5.7AI score0.00259EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.6 views

FreeType Contour Boundary Validation Utility

This is a FreeType contour boundary validation utility for detecting indexing and integer-limit risks. It implements a validation routine for detecting unsafe contour metadata conditions by evaluating contour counts and index boundaries against expected limits...

5.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/11 1:40 p.m.9 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS7AI score0.00643EPSS
Exploits1References8
Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0002

The vulnerability of the URBDRC RDP-client-freeRDP device lies in unvalidated array indexing. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

9.1CVSS6AI score0.00756EPSS
Exploits1
Redos
Redos
added 2026/06/11 12:0 a.m.7 views

ROS-20260611-73-0001

The vulnerability of the URBDRC RDP-client-freeRDP device lies in unvalidated array indexing. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause service failures...

9.1CVSS6AI score0.00756EPSS
Exploits1
Cvelist
Cvelist
added 2026/06/09 10:27 p.m.41 views

CVE-2026-9752 GeometryCollection with strict-winding polygon causes server crash during 2dsphere index key generation

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

7.1CVSS0.0027EPSS
Exploits0References1
MongoDB
MongoDB
added 2026/06/09 10:27 p.m.12 views

GeometryCollection with strict-winding polygon causes server crash during 2dsphere index key generation

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not...

7.1CVSS5.4AI score0.0027EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/06/09 8:2 a.m.9 views

Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb setmap request via mapwidths indexing

...

7.8CVSS5.4AI score0.00165EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-48302

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An authorized user can cause a server crash by executing a query using a 2dsphere index on a field containing a GeoJSON GeometryCollection. The issue occurs when...

7.1CVSS5.5AI score0.0027EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as ...

7.8CVSS7.1AI score0.0012EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/03 8:19 a.m.11 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS6.9AI score0.00643EPSS
Exploits1References8
Rows per page
Query Builder