Lucene search
K

1351 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:25 p.m.8 views

CVE-2026-57437

A flaw was found in Nokogiri, an XML and HTML library for Ruby. This vulnerability occurs when an application directly constructs an XPathContext and allows its associated document to be garbage collected while the context is still in use. An attacker could potentially exploit this by causing the...

6.3CVSS5.6AI score0.00312EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/23 7:29 a.m.4 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.1AI score0.02995EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/22 3:58 p.m.6 views

EUVD-2026-38301

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS5.9AI score0.00138EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/22 6:26 a.m.5 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6.1AI score0.02995EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid dereference of sblvbptr I encounter issues when placing an lkbsb on the stack and having the sblvbptr field point to a dangling pointer, without using DLMLKFVALBLK. This will cause a crash with the following...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40263)

In the Linux kernel, the following vulnerability has been resolved: Input: croseckeyb - fix an invalid memory access If croseckeybregistermatrix isn't called due to buttonsswitchesonly in croseckeybprobe, ckdev-idev remains NULL. An invalid memory access is observed in croseckeybprocess when...

5.9AI score0.00167EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/15 10:18 a.m.12 views

redis: RESTORE invalid memory access may allow remote code execution

A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...

8.8CVSS6AI score0.02995EPSS
Exploits0References6
OSV
OSV
added 2026/06/11 12:3 p.m.5 views

RLSA-2026:23229 Important: redis security update

Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, ...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/11 10:5 a.m.7 views

Important: Red Hat Security Advisory: valkey security update

An update for valkey is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.8CVSS6.7AI score0.02995EPSS
Exploits4References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.16 views

CVE-2026-25589

RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...

8.8CVSS6AI score0.01331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/03 10:1 a.m.13 views

CVE-2025-59606

Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:31 a.m.10 views

EUVD-2025-210021

Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
NVD
NVD
added 2026/06/01 11:16 p.m.9 views

CVE-2025-59606

Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization...

7.8CVSS0.00075EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 10:5 p.m.11 views

CVE-2025-59606

Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
CVE
CVE
added 2026/06/01 10:5 p.m.27 views

CVE-2025-59606

The CVE-2025-59606 entry describes a memory corruption flaw triggered by writing to invalid memory locations caused by heap exhaustion during secure data initialization. The CVSS 3.1 vector indicates a local, low-privilege, no-user-interaction exposure with high impact to confidentiality, integri...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.13 views

PT-2026-45631

Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/27 10:42 p.m.10 views

CVE-2026-45974

A flaw was found in the Linux kernel's btrfs filesystem. The btrfsquotaenable function contains a logic error where it attempts to access an invalid memory location if a specific key is not found during a search operation. This incorrect handling of search results can lead to invalid leaf access,...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:47 p.m.9 views

CVE-2026-46016

A flaw was found in the Linux kernel's remoteproc xlnx component. This vulnerability occurs when the system attempts to process an Inter-Processor Interrupt IPI message without properly verifying its contents. An attacker could exploit this by causing the system to access an invalid memory...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 12:39 p.m.14 views

CVE-2026-45838

A flaw was found in the Linux kernel. Specifically, within the Berkeley Packet Filter BPF component, an error in the cgroupstoragegetnextkey function's end-of-list detection mechanism can cause the system to read from an invalid memory location. This incorrect handling may lead to internal map...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 a.m.8 views

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

5.9AI score0.00283EPSS
Exploits0References4
Rows per page
Query Builder