Lucene search
K

6 matches found

OSV
OSV
added 2026/06/25 10:14 p.m.3 views

GHSA-Q4H4-GMJ2-QVW2 golang.org/x/crypto: Invoking byte arithmetic causes underflow and panic

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

7.5CVSS6AI score0.00359EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.66 views

CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

0.00359EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/24 1:50 a.m.3 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in CastDoubleToInt calculations. An attacker can cause the application to crash or become unresponsive by supplying a malicious SVG file. Remediation A fix was pushed into the master branch but not yet published...

8.7CVSS5.6AI score0.00594EPSS
Exploits0References2
OSV
OSV
added 2025/10/16 4:15 p.m.2 views

CVE-2025-62495

An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\textsize\textt$ an unsigned type, typically...

8.8CVSS6AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/07/20 9:30 p.m.2 views

kernel: size_t-to-int conversion vulnerability in the filesystem layer

An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash, leak of internal kernel information and can escalate privileges. The issue results...

7.8CVSS7.1AI score0.09729EPSS
Exploits6References8
NVD
NVD
added 2018/10/29 12:29 p.m.25 views

CVE-2018-18710

An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...

5.5CVSS6AI score0.00501EPSS
Exploits0References14
Rows per page
Query Builder