Lucene search
K

77 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, urbselectinterface could free the device’s MS config upon an error, but subsequent code still dereferenced it, resulting in a use after free in libusbudevselectinterface. This vulnerability has been fixed in...

8.7CVSS5.9AI score0.00467EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the URBDRC client used server-supplied interface numbers as array indices without bounds checks, resulting in a out-of-bounds read in libusbudevselectinterface. This vulnerability has been fixed in version...

9.1CVSS5.3AI score0.00489EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.8 views

CVE-2026-23679

A flaw was found in libusb. An attacker can provide a specially crafted Universal Serial Bus USB configuration descriptor to applications using libusb. This malformed descriptor can lead to a null pointer dereference, causing the application to crash and resulting in a denial of service. This...

6.9CVSS5.1AI score0.00184EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.9 views

CVE-2026-47104

A flaw was found in libusb. This out-of-bounds read vulnerability allows a local attacker, particularly in virtualized environments utilizing USB passthrough, to trigger a denial of service. By providing a malformed USB descriptor, the attacker can cause the software to read beyond its allocated...

5.5CVSS5.2AI score0.0013EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-23679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB...

6.9CVSS6.1AI score0.00184EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/29 1:22 a.m.14 views

SUSE CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

6.9CVSS5.9AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.13 views

SUSE CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-47104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of...

5.5CVSS5.5AI score0.0013EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

DEBIAN-CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:17 p.m.19 views

CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS0.0013EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 2:17 p.m.7 views

UBUNTU-CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 2:16 p.m.9 views

DEBIAN-CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

5.5CVSS5.9AI score0.00184EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:16 p.m.14 views

CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

6.9CVSS0.00184EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 2:16 p.m.9 views

UBUNTU-CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

6.9CVSS5.9AI score0.00184EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/27 1:21 p.m.9 views

CVE-2026-23679 libusb < 1.0.30 NULL Pointer Dereference in parse_interface()

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

6.9CVSS5.9AI score0.00184EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 1:21 p.m.40 views

CVE-2026-23679

CVE-2026-23679 affects libusb 0 but is followed by a class-specific descriptor whose bLength exceeds the remaining buffer, causing an early return without allocating the endpoint array. Exploitation vectors include providing crafted descriptors via libusb_get_active_config_descriptor or libusb_g...

6.9CVSS5.9AI score0.00184EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/27 1:21 p.m.45 views

CVE-2026-23679 libusb < 1.0.30 NULL Pointer Dereference in parse_interface()

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

6.9CVSS0.00184EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/05/27 1:21 p.m.15 views

CVE-2026-23679

libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...

6.9CVSS5.9AI score0.00184EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 1:20 p.m.48 views

CVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.1CVSS0.0013EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/27 1:20 p.m.7 views

CVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.1CVSS5.9AI score0.0013EPSS
Exploits0References5
Rows per page
Query Builder