Lucene search
K

80 matches found

CVE
CVE
added 2025/01/07 4:18 p.m.48 views

CVE-2024-8361

In SiWx91x devices, CVE-2024-8361 describes a DoS caused by SHA2/224 producing a 256-bit hash instead of 224 bits, triggering a software assertion. The issue is documented across multiple sources (NVD, Red Hat, CVE listing). Affected component is the SHA2/224 implementation; root cause is incorre...

7.5CVSS7.5AI score0.0041EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.7 views

PT-2025-3698 · Siwx91X · Siwx91X

Name of the Vulnerable Software and Affected Versions: SiWx91x devices affected versions not specified Description: The issue is related to the SHA2/224 algorithm, which returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, causing a Denial of...

7.5CVSS7AI score0.0041EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/07/24 1:20 p.m.10 views

kernel: ext4: fix double-free of blocks due to wrong extents moved_len

A vulnerability was found in the Linux kernel. This issue occurs in the ext4 function, in ext4moveextents, where an error in updating the movedlen variable can lead to double-free of blocks and corrupt block accounting. This could lead to crashes or undefined behavior...

7.8CVSS7.2AI score0.00266EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/07/16 2:34 a.m.5 views

SUSE CVE-2024-40992

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...

5.5CVSS7.7AI score0.00268EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.4 views

StringBuilder for Node.js Security Vulnerability

StringBuilder for Node.js is a simple and fast in-memory string generator for Node.js by Magic Len Personal Developer. A security vulnerability exists in StringBuilder for Node.js, which stems from an incorrect calculation of the memory length and is susceptible to out-of-bounds reads, which can...

9.1CVSS6.5AI score0.00822EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.3 views

Tor Arti 安全漏洞

Tor Arti is a project of the Tor team to generate embeddable, production-quality implementations of the Tor anonymization protocol in the Rust programming language. A security vulnerability exists in Tor Arti versions prior to 1.2.3, which stems from a message length error...

6.2CVSS6.4AI score0.00186EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.5 views

Tor Arti 安全漏洞

Tor Arti is a project of the Tor team to generate embeddable, production-quality implementations of the Tor anonymization protocol in the Rust programming language. A security vulnerability exists in Tor Arti versions prior to 1.2.3, which stems from a message length error...

7.3CVSS6.4AI score0.00298EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/17 9:43 a.m.26 views

CVE-2024-26824 crypto: algif_hash - Remove bogus SGL free on zero-length error path

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - Remove bogus SGL free on zero-length error path When a zero-length message is hashed by algifhash, and an error is triggered, it tries to free an SG list that was never allocated in the first place. Fix this b...

6.7AI score0.00228EPSS
Exploits0References3
OSV
OSV
added 2024/03/02 9:59 p.m.8 views

CVE-2023-52580 net/core: Fix ETH_P_1588 flow dissector

In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETHP1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, nhoff value calculation is wrong. For example: hdr-messagelength takes t...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/11/15 1:57 a.m.2 views

SUSE CVE-2023-47360

Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length...

7.5CVSS6.9AI score0.00907EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/11/07 12:0 a.m.7 views

CVE-2023-47360

Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length...

7.1AI score0.00907EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.3 views

SUSE CVE-2012-3405

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library aka glibc 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFYSOURCE format-string protection mechanism and cause a denial of service segmentati...

5CVSS7.1AI score0.02087EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:25 a.m.3 views

SUSE CVE-2018-13785

In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...

3.3CVSS8.9AI score0.0447EPSS
Exploits0References23
CNNVD
CNNVD
added 2022/12/18 12:0 a.m.5 views

drachtio-server 安全漏洞

drachtio-server is a drachtio open source SIP server built on the sofia SIP stack. A security vulnerability exists in drachtio-server prior to version 0.8.20, which stems from a vulnerability that allows remote attackers to cause a denial of service via a long message in a TCP request that result...

7.5CVSS7.4AI score0.01152EPSS
Exploits1References3
OSV
OSV
added 2022/11/18 3:34 p.m.6 views

SUSE-SU-2022:4084-1 Security update for nodejs16

This update for nodejs16 fixes the following issues: - Update to LTS versino 16.18.1. - CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address bsc1205119. - Update to LTS version 16.18.0: http: throw error on content-length mismatch stream: add ReadableByteStream.tee deps:...

8.1CVSS8.2AI score0.14024EPSS
Exploits0References3
OSV
OSV
added 2022/11/15 4:10 p.m.10 views

SUSE-SU-2022:4003-1 Security update for nodejs16

This update for nodejs16 fixes the following issues: - Update to LTS versino 16.18.1: - CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address bsc1205119. - Update to LTS version 16.18.0: http: throw error on content-length mismatch stream: add ReadableByteStream.tee deps:...

8.1CVSS8.2AI score0.14024EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/12 12:0 a.m.4 views

Softing Secure Integration Server 数字错误漏洞

Softing Secure Integration Server is a secure integration server from Softing Germany. It provides a powerful OPC UA data integration layer and supports interface abstraction, aggregation, data preprocessing, and security supervision. A numeric error vulnerability exists in Softing Secure...

7.5CVSS7.3AI score0.01324EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/05/02 12:0 a.m.6 views

Qualcomm 缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and are from time to time fabricated on the surface of semiconductor wafers. A security vulnerability exists in several Qualcomm products that...

7.8CVSS7.5AI score0.00626EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/03/07 12:0 a.m.5 views

Qualcomm 芯片 缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is manufactured from time to time on the surface of semiconductor wafers. A security vulnerability exists in a number of Qualcomm products...

7.8CVSS7.3AI score0.00182EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/01/11 12:0 a.m.6 views

Red Hat Ceph Storage 授权问题漏洞

Red Hat Ceph Storage is a suite of scalable, open software-defined storage platforms from Red Hat USA. An authorization issue vulnerability exists in Red Hat Ceph Storage, where an attacker can exploit the fact that the key length is incorrectly passed in the encryption algorithm to create a...

6.5CVSS6.8AI score0.00436EPSS
Exploits0References16
Rows per page
Query Builder