Lucene search
K

1685 matches found

CVE
CVE
added 2026/05/01 2:15 p.m.17 views

CVE-2026-43017

CVE-2026-43017 concerns the Linux kernel Bluetooth MGMT mesh path. It fixes missing validation of adv_data_len in mesh_send, which could allow out-of-bounds access in queued commands. The description and connected advisories indicate: affected software is the Linux kernel; root cause is failure t...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.29 views

CVE-2026-31779 wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler()

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwlmvmndmatchinfohandler The memcpy function assumes the dynamic array notif-matches is at least as large as the number of bytes to copy. Otherwise, results-matches may...

8.1CVSS0.00271EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/01 2:14 p.m.10 views

EUVD-2026-26565

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...

5.8AI score0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 2:14 p.m.11 views

EUVD-2026-26561

In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...

5.8AI score0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/05/01 2:14 p.m.17 views

CVE-2026-31747

CVE-2026-31747 affects the Linux kernel code path for comedi me4000 firmware loading. The vulnerability arises when me4000_xilinx_download() blindly trusts the firmware file format and reads a header length from the first 4 bytes into file_length, then reads data from offset 16 of length file_len...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.29 views

CVE-2026-31738 vxlan: validate ND option lengths in vxlan_na_create

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...

0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 1:55 p.m.6 views

EUVD-2026-26505

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpcpreparse, there are two paths for parsing key payloads: the XDR path for large payloads and the non-XDR path for payloads = 28 bytes. While the XDR...

5.8AI score0.00129EPSS
Exploits0References5
CVE
CVE
added 2026/05/01 12:0 a.m.30 views

CVE-2026-42484

Hashcat v7.1.2 contains a heap-based buffer overflow in the PKZIP hash parser’s hex_to_binary function. When data_type_enum

9.8CVSS6.4AI score0.00444EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.33 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

0.00104EPSS
Exploits0References1
CVE
CVE
added 2026/05/01 12:0 a.m.10 views

CVE-2026-37541

CVE-2026-37541 affects OVMS3 3.3.005. A buffer overflow in canformat_gvret.cpp occurs due to improper validation of the GVRET length field in binary data, enabling remote attackers to cause a denial of service or possibly achieve arbitrary code execution through crafted GVRET frames. Documentatio...

10CVSS6.3AI score0.00678EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/01 12:0 a.m.5 views

CVE-2026-42469

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatcanswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames...

8.6CVSS6.3AI score0.00356EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36434

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth MGMT component where the mesh send function fails to verify that the bytes provided for the flexible adv data array match the embedded adv data len field...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of ticket length validation in the non-XDR key resolution path. This vulnerability may...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
CVE
CVE
added 2026/04/29 6:53 p.m.12 views

CVE-2026-7426

The CVE-2026-7426 entry concerns the IPv6 Router Advertisement handling in FreeRTOS-Plus-TCP. Insufficient validation of the prefix length field in Router Advertisement processing allows memory corruption (heap buffer overflow) on the affected stack when processing RA messages. Affected versions ...

8.1CVSS5.9AI score0.00246EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/29 2:23 p.m.68 views

CLSA-2026-1777462768 cups: Fix of CVE-2023-4504

CVE-2023-4504: validate PPD PostScript input length to prevent heap-based buffer overflow in raster-interpret.c...

7CVSS6AI score0.00663EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.12 views

FreeRTOS-Plus-TCP 缓冲区错误漏洞

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient validation of the prefix length field during IPv6 router...

8.1CVSS6AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2026/04/28 7:37 p.m.19 views

CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response,...

6.5CVSS0.00311EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/28 4:43 p.m.3 views

CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response,...

6.5CVSS5.8AI score0.00311EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/28 6:49 a.m.9 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS5.5AI score0.00481EPSS
Exploits1References10
ATTACKERKB
ATTACKERKB
added 2026/04/27 2:56 a.m.4 views

CVE-2026-3868

An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the HTTPS management interface, an unauthenticated remote attacker could send specially crafted requests that trigger a buff...

8.7CVSS5.9AI score0.00368EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder