Lucene search
+L

9687 matches found

redhatcve
redhatcve
added 2026/06/25 11:6 p.m.5 views

CVE-2026-53196

A flaw was found in the Linux kernel's ioti USB serial driver. A malicious USB device, when plugged into a host running this driver, can exploit a heap overflow vulnerability in the getmanufinfo function. This occurs because the driver does not properly validate the size of data read from the...

6.8CVSS6.2AI score0.00284EPSS
Exploits0References4
nvd
nvd
added 2026/06/25 9:16 p.m.8 views

CVE-2026-6678

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

5.3CVSS0.0019EPSS
Exploits0References3
osv
osv
added 2026/06/25 9:16 p.m.2 views

DEBIAN-CVE-2026-6678

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References1
osv
osv
added 2026/06/25 9:16 p.m.4 views

UBUNTU-CVE-2026-6678

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References5
euvd
euvd
added 2026/06/25 8:16 p.m.8 views

EUVD-2026-39558

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

1CVSS5.8AI score0.0019EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/25 8:16 p.m.26 views

CVE-2026-6678 Integer underflow in wc_PKCS7_DecryptOri handling crafted Other Recipient Info

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

1CVSS0.0019EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2026/06/25 8:16 p.m.7 views

CVE-2026-6678

Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3
cve
cve
added 2026/06/25 8:16 p.m.18 views

CVE-2026-6678

CVE-2026-6678 affects wolfSSL’s wc_PKCS7_DecryptOri function. A crafted Other Recipient Info triggers an integer underflow, causing incorrect length handling during decryption. Impact is described as decryption length mismanagement; no explicit exploitation details are provided in the connected d...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/06/25 11:51 a.m.3 views

OPENSUSE-SU-2026:21057-1 Security update for libssh2_org

This update for libssh2org fixes the following issues - CVE-2026-55199: pre-Authentication DoS via SSHMSGEXTINFO Handler bsc1268530. - CVE-2026-55200: out-of-Bounds write via Unchecked packetlength in transport.c bsc1268531...

9.2CVSS7.4AI score0.00732EPSS
Exploits11References4
nvd
nvd
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS0.00153EPSS
Exploits0References7
osv
osv
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS6AI score0.00153EPSS
Exploits0References7
euvd
euvd
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39194

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...

5.7AI score0.00112EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

6AI score0.00153EPSS
Exploits0References5Affected Software1
euvd
euvd
added 2026/06/25 8:39 a.m.6 views

EUVD-2026-39294

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

6AI score0.00153EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/25 8:39 a.m.34 views

CVE-2026-53203 accel/ivpu: Add buffer overflow check in MS get_info_ioctl

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS0.00153EPSS
Exploits0References4
debiancve
debiancve
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53196

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

6.8CVSS5.9AI score0.00284EPSS
Exploits0
susecve
susecve
added 2026/06/25 2:19 a.m.7 views

SUSE CVE-2026-52943

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: fix missing zerocopy reference in pskbcarve helpers pskbcarveinsideheader and pskbcarveinsidenonlinear both copy the old skbsharedinfo header into a new buffer via memcpy, which includes the destructorarg pointer uar...

7CVSS5.9AI score0.00238EPSS
Exploits1References12
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.16 views

PT-2026-52586

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An integer underflow occurs in the wc PKCS7 DecryptOri function when processing specially crafted Other Recipient Info. This leads to incorrect length handling...

5.3CVSS5.7AI score0.0019EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.16 views

PT-2026-52338

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an uninitialized stack variable is used within the rseq exit user update function. This occurs because the evaluation order of expressions in an initializer list is...

5.5CVSS6AI score0.00112EPSS
Exploits0References13
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.10 views

PT-2026-52299

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where the get info ioctl function fails to validate the info size returned from the metric stream info query against the allocated buffer size...

7.1CVSS6.2AI score0.00153EPSS
Exploits0References16
Rows per page
Query Builder