
152 matches found

RedhatCVE
added 2026/06/26 12:18 a.m., 7 views

CVE-2026-53170

A flaw was found in the Linux kernel's accel/ethosu driver. A local attacker could exploit a vulnerability where DMA commands with uninitialized length are not properly handled. By omitting a specific DMA length setup command and issuing a DMA start command, a user could bypass bounds checks,...

CVSS 8.8, AI score 6.1, EPSS 0.00137
Exploits: 0, References: 4
IBM Security Bulletins
added 2026/06/22 1:16 p.m., 3 views

Security Bulletin: Vulnerability in Undici affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary: A potential vulnerability in Undici has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabilit...

CVSS 9.8, AI score 7.2, EPSS 0.0115
Exploits: 0, Affected Software: 2
OSV
added 2026/06/11 4:55 p.m., 4 views

MGASA-2026-0197 Updated gnupg2 packages fix security vulnerabilities

CVE-2025-68973, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...

CVSS 8.4, AI score 7.3, EPSS 0.00447
Exploits: 2, References: 6
Vulnrichment
added 2026/04/10 3:24 a.m., 2 views

CVE-2026-5188 Integer underflow in X.509 SAN parsing in wolfSSL

An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect...

CVSS 2.3, AI score 5.8, EPSS 0.00135
Exploits: 0, References: 1
NVD
added 2026/03/30 10:16 p.m., 5 views

CVE-2026-33952

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an unvalidated auth_length field read from the network triggers a WINPR_ASSERT() failure in rts_read_auth_verifier_no_checks(), causing any FreeRDP client connecting through a malicious RDP Gateway to crash with SIGABR...

CVSS 6.5, EPSS 0.00271
Exploits: 1, References: 2
Snyk
added 2026/03/27 3:56 p.m., 3 views

Improper Handling of Length Parameter Inconsistency

Overview: ecdsa is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve Digital Signature Algorithm), implemented purely in Python, released under the MIT license. Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency due to improper...

CVSS 6.9, AI score 5.9, EPSS 0.00476
Exploits: 1, References: 2
Tenable Nessus
added 2026/03/12 12:0 a.m., 9 views

RHEL 9 : postgresql (RHSA-2026:4475)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4475 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL missing validation of...

CVSS 8.8, AI score 6.3, EPSS 0.01208
Exploits: 3, References: 8
OSV
added 2026/03/06 12:41 p.m., 9 views

OESA-2026-1494 postgresql security update

PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

CVSS 8.8, AI score 6.3, EPSS 0.01208
Exploits: 3, References: 5
Cvelist
added 2026/03/04 11:32 p.m., 34 views

CVE-2026-2835 HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing

An HTTP Request Smuggling vulnerability (CWE-444) has been found in Pingora's parsing of HTTP/1.0 and Transfer-Encoding requests. The issue occurs due to improperly allowing HTTP/1.0 request bodies to be close-delimited and incorrect handling of multiple Transfer-Encoding values, allowing attackers...

CVSS 9.3, EPSS 0.00707
Exploits: 0, References: 1
Snyk
added 2026/02/24 1:44 a.m., 5 views

Buffer Access with Incorrect Length Value

Overview: Magick.NET-Q16-HDRI-arm64 is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

CVSS 9.8, AI score 5.7, EPSS 0.00461
Exploits: 0, References: 2
Positive Technologies
added 2026/02/04 12:0 a.m., 8 views

PT-2026-6314

Name of the Vulnerable Software and Affected Versions: Espressif Internet of Things (IOT) Development Framework versions 5.1.6 through 5.5.2. Description: The Espressif Internet of Things (IOT) Development Framework contains a flaw in the WPS (Wi-Fi Protected Setup) Enrollee implementation. Malformed...

CVSS 6.3, AI score 5.6, EPSS 0.00213
Exploits: 0, References: 12
CVE
added 2026/01/27 9:8 p.m., 23 views

CVE-2026-24738

Concisely, the Go library github.com/gmrtd/gmrtd’s ReadFile() is vulnerable to Denial of Service from unbounded TLV lengths before v0.17.2. Multiple sources (SUSE, Red Hat, OSV, CVE lists, GHSA advisory, Snyk) describe that ReadFile could accept TLVs up to 4 GB, causing uncontrolled memory and CP...

CVSS 6.5, AI score 5.8, EPSS 0.00265
Exploits: 0, References: 3, Affected Software: 1
Tenable Nessus
added 2026/01/20 12:0 a.m., 5 views

MiracleLinux 9 : nss-3.79.0-17.el9 (AXSA:2023-5231:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5231:02 advisory. nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767). Bug Fixes: In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the...

CVSS 8.8, AI score 8.1, EPSS 0.00817
Exploits: 0, References: 2
Tenable Nessus
added 2026/01/14 12:0 a.m., 5 views

MiracleLinux 4 : libtasn1-2.3-3.AXS4.1 (AXSA:2012-480:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-480:01 advisory. This is the ASN.1 library used in GNUTLS. More up to date information can be found at http://www.gnu.org/software/gnutls and http://www.gnutls.org Security...

CVSS 5, AI score 7.6, EPSS 0.0446
Exploits: 1, References: 2
OSV
added 2026/01/13 2:52 p.m., 5 views

GHSA-67RJ-PJG6-PQ59 Jervis Has a SHA-256 Hex String Padding Bug

Vulnerability: https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy#L622-L626 padLeft(32, '0') should be padLeft(64, '0'). SHA-256 produces 32 bytes = 64 hex characters. Impact: Inconsistent hash lengths when leadi...

CVSS 8.7, AI score 7, EPSS 0.00147
Exploits: 0, References: 6
Tenable Nessus
added 2026/01/13 12:0 a.m., 5 views

MiracleLinux 8 : thunderbird-128.7.0-1.el8_10.ML.1 (AXSA:2025-9663:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9663:03 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 (CVE-2025-1017) firefox:...

CVSS 9.8, AI score 7.2, EPSS 0.01276
Exploits: 0, References: 11
OSV
added 2026/01/05 12:47 p.m., 2 views

SUSE-SU-2026:0027-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2025-12084: cpython: Fixed quadratic algorithm in xml.dom.minidom leading to denial of service (bsc#1254997) - CVE-2025-13836: Fixed default Content-Length read amount from HTTP response (bsc#1254400) - CVE-2025-13837: Fixed plistlib module deni...

CVSS 7.5, AI score 7.1, EPSS 0.01525
Exploits: 0, References: 7
CNNVD
added 2025/11/12 12:0 a.m., 3 views

Fujitsu iRMC Security Vulnerability

Fujitsu iRMC is an integrated remote management controller from Fujitsu Japan. A security vulnerability exists in the Fujitsu iRMC that stems from improper handling of usernames up to 16 characters in length, which could lead to Redfish/WebUI access issues...

CVSS 7.5, AI score 6.7, EPSS 0.00238
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2012-0104

Malware in sbrugna...

CVSS 4.3, AI score 7.4, EPSS 0.03198
Exploits: 1, References: 20
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2000-0994

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01137
Exploits: 0, References: 3