22 matches found
CVE-2026-32849
NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodev_op function in sys/opencrypto/cryptodev.c where the local variable iov_len is declared as a signed int but assigned from an unsigned cop->dst_len value, causing undefined behavior when cop->dst_len exceeds...
EUVD-2025-2597
Malicious code in bioql PyPI...
CVE-2025-38201
CVE-2025-38201 affects the Linux kernel netfilter nft_set_pipapo. The issue arises when resizing hashtables in netfilter, where WARN_ON_ONCE can trigger if GFP flags allow high bucket counts; the fix clamps the maximum map bucket size to INT_MAX. The vulnerability is described as local-attack-vec...
CVE-2025-21648
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX. Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is...
CVE-2025-21648 netfilter: conntrack: clamp maximum hashtable size to INT_MAX
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX. Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is...
CVE-2023-52868
In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow. The dev->id value comes from ida_alloc() so it's a number between zero and INT_MAX. If it's too high then these sprintf()s will overflow...
CVE-2024-26819
CVE-2024-26819 is rejected/not used; this entry does not represent an active vulnerability.
CVE-2023-52429
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count...
Design/Logic Flaw
dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count...
Design/Logic Flaw
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use t...
CVE-2020-12651
SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX...
Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2019-2314)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization for ARM 64 3.0.3.0 : polkit (EulerOS-SA-2019-2314)
According to the version of the polkit packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability: A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute...
Warning! Unprivileged Linux Users With UID > INT_MAX Can Execute Any Command
Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit...
CVE-2018-19788
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command...