Lucene search
+L

70 matches found

cvelist
cvelist
added 2026/06/25 8:38 a.m.36 views

CVE-2026-53173 accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate()

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...

7.8CVSS0.00129EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 7:34 p.m.9 views

CVE-2026-49140

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS5.5AI score0.00268EPSS
Exploits0References1
euvd
euvd
added 2026/06/01 7:54 p.m.12 views

EUVD-2026-33760

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/01 7:54 p.m.33 views

CVE-2026-49140 Nanobot < 0.2.1 Denial of Service via Matrix Media Download Handler

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS0.00268EPSS
Exploits0References4
osv
osv
added 2026/06/01 7:54 p.m.2 views

CVE-2026-49140 Nanobot < 0.2.1 Denial of Service via Matrix Media Download Handler

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS6AI score0.00268EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/06/01 12:0 a.m.16 views

PT-2026-45562

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References5
euvd
euvd
added 2026/05/06 12:30 p.m.12 views

EUVD-2026-27732

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.7AI score0.00127EPSS
Exploits0References5
nvd
nvd
added 2026/05/06 12:16 p.m.7 views

CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.5CVSS0.00127EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/06 11:27 a.m.31 views

CVE-2026-43169 drm/buddy: Prevent BUG_ON by validating rounded allocation

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

0.00127EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/05/06 6:16 a.m.10 views

CVE-2026-33813

A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service DoS...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/04/30 8:8 a.m.5 views

CVE-2026-35547 Heap overflow in libnv

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

5.2AI score0.00316EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/04/21 8:16 p.m.7 views

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References3
euvd
euvd
added 2026/04/21 7:21 p.m.11 views

EUVD-2026-24247

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

5.8AI score0.0034EPSS
Exploits0References3
cve
cve
added 2026/04/21 7:21 p.m.25 views

CVE-2026-33813

CVE-2026-33813 affects decoding of WEBP images in golang.org/x/image. The issue occurs when parsing a WEBP image with an invalid, large size on 32-bit platforms, causing a panic. Connected sources corroborate that this is a panic condition specific to large/invalid sizes on 32-bit architectures; ...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References4Affected Software1
debiancve
debiancve
added 2026/04/21 7:21 p.m.9 views

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

7.5CVSS5.3AI score0.0034EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/04/21 12:0 a.m.11 views

PT-2026-34050

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Parsing a WEBP image with an invalid, large size causes a panic on 32-bit platforms. Recommendations At the moment, there is no information about a newer version...

7.5CVSS5.8AI score0.0034EPSS
Exploits0References108
redhat
redhat
added 2026/04/15 10:20 a.m.3 views

golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing

A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service DoS...

7.5CVSS6.9AI score0.0034EPSS
Exploits0References7
susecve
susecve
added 2026/03/05 6:51 a.m.10 views

SUSE CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References3
astralinux
astralinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix use-after-free bug The bug can be triggered by sending a single amdgpugemuserptrioctl to the AMDGPU DRM driver on any ASICs with an invalid address and size. The bug was reported by Joonkyo Jung . For example the...

5.5CVSS6.2AI score0.00225EPSS
Exploits0References3
cvelist
cvelist
added 2025/11/12 9:56 p.m.8 views

CVE-2025-40200 Squashfs: reject negative file sizes in squashfs_read_inode()

In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfsreadinode Syskaller reports a "WARNING in ovlcopyupfile" in overlayfs. This warning is ultimately caused because the underlying Squashfs file system returns a file with a negative...

0.00193EPSS
Exploits0References8
Rows per page
Query Builder