Lucene search
K

408 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/01 10:5 p.m.11 views

CVE-2026-24089

Memory corruption while processing fastboot commands with invalid input...

7.2CVSS5.8AI score0.00097EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/01 10:5 p.m.11 views

CVE-2026-24089 Improper Validation of Syntactic Correctness of Input in Kernel

Memory corruption while processing fastboot commands with invalid input...

7.2CVSS5.8AI score0.00097EPSS
Exploits0References1
CVE
CVE
added 2026/06/01 10:5 p.m.31 views

CVE-2026-24089

CVE-2026-24089 describes memory corruption that occurs when processing fastboot commands with invalid input. The NVD entry lists a CVSS v3.1 base score of 7.2 (HIGH) with physical attack vector, low attack complexity, no user interaction, requiring high privileges, and a changed scope. The impact...

7.2CVSS5.8AI score0.00097EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45644

Memory corruption while processing fastboot commands with invalid input...

7.2CVSS5.8AI score0.00097EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/26 2:0 a.m.11 views

CVE-2026-9521 fraillt bitsery std_smart_ptr.h loadFromSharedState improper validation of specified type of input

A security vulnerability has been detected in fraillt bitsery up to 5.2.4. Affected is the function loadFromSharedState in the library include/bitsery/ext/stdsmartptr.h. Such manipulation leads to improper validation of specified type of input. It is possible to launch the attack remotely. The...

7.5CVSS6.6AI score0.00401EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: acpi: nfit: fixed the narrowing conversion in acpinfitctl Syzkaller reported a warning in tonfitbusuuid: “Only secondary bus families can be translated”. This warning is emitted if the argument equals NVDIMMBUSFAMILYNFIT == 0...

5.5CVSS6.4AI score0.00174EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in unrar-nonfree

RARLAB WinRAR Recovery Volume: Improper validation of array index leads to remote code execution vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability, as the targe...

7.8CVSS8.5AI score0.1308EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bpf, testrun: Fixed an use-after-free issue in ethskbpkttype. KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed data from skb that did not contain an Ethernet heade...

7.8CVSS6.4AI score0.00181EPSS
Exploits0References2
NVD
NVD
added 2026/05/19 5:16 p.m.20 views

CVE-2026-5511

In the web management interface of Archer AX72 SG v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the...

4.6CVSS0.00216EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2026/05/19 2:16 p.m.9 views

Advisory ROSA-SA-2026-3279

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-16 affected versions tomcat-9.0.37-16 CVE-ID: CVE-2026-24733 BDU-ID: None CVE-Crit: LOW CVE-DESC.: An invalid input validation vulnerability in Apache Tomcat allows a remote attacker to bypass security restrictions by...

6.5CVSS6.9AI score0.00494EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

TP-Link Archer AX72 安全漏洞

The TP-Link Archer AX72 is a Wi-Fi 6 wireless router produced by TP-Link Corporation. The TP-Link Archer AX72 SG v1 version has a security vulnerability. This vulnerability arises from the improper handling of invalid user inputs by the network diagnostic function, which may lead to limited...

4.6CVSS5.8AI score0.00216EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/13 7:33 p.m.8 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/05/09 2:41 a.m.11 views

SUSE CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.7AI score0.00127EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two vi...

5.5CVSS6.1AI score0.00127EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 12:30 p.m.11 views

EUVD-2026-27732

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.7AI score0.00127EPSS
Exploits0References5
NVD
NVD
added 2026/05/04 5:16 p.m.14 views

CVE-2025-47408

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

7.8CVSS0.00075EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:43 p.m.3 views

CVE-2025-47408

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/04 4:43 p.m.7 views

EUVD-2025-209633

Memory corruption when another driver calls an IOCTL with invalid input/output buffer...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.9 views

PT-2026-36844

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when another driver calls an IOCTL Input/Output Control, which is a device driver communication mechanism, using an invalid input or...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References4
OSV
OSV
added 2026/04/30 9:40 a.m.3 views

SUSE-SU-2026:21396-1 Security update for libssh

This update for libssh fixes the following issues: - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible Denial of Service when parsing unexpected configuration files bsc1258045 - CVE-2026-0966: Buffer underflow in...

8.2CVSS6.3AI score0.00582EPSS
Exploits0References15
Rows per page
Query Builder