Lucene search
K

23 matches found

OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-351

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...

5.5CVSS3.8AI score0.00215EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992726 advisory. In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a KMSAN: uninit-value in picklink bug...

7.8CVSS6.2AI score0.00299EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2025/11/21 6:13 p.m.11 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7.8CVSS6.7AI score0.00535EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.10 views

RHEL 9 : kernel (RHSA-2025:20518)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20518 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN...

7.8CVSS7.7AI score0.00535EPSS
Exploits1References233
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990817)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990817 advisory. In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a KMSAN: uninit-value in picklink bug...

7.8CVSS6.2AI score0.00299EPSS
Exploits0References3
OSV
OSV
added 2025/11/11 12:0 a.m.16 views

ALSA-2025:20518 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

7.8CVSS6.8AI score0.00535EPSS
Exploits1References225
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.5 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Use of Uninitialized Resource (CVE-2024-46744)

In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

7.8CVSS6.2AI score0.00299EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/09/04 1:57 a.m.4 views

HDF5 H5FSsection.c H5FS__sect_link_size heap-based overflow

...

5.5CVSS7AI score0.00215EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/07/08 11:34 p.m.4 views

SUSE CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...

5.5CVSS3.6AI score0.00215EPSS
Exploits1References3
OSV
OSV
added 2025/07/04 9:15 p.m.3 views

DEBIAN-CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...

5.5CVSS3.8AI score0.00215EPSS
Exploits1References1
OSV
OSV
added 2025/07/04 9:15 p.m.4 views

UBUNTU-CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...

5.5CVSS5.1AI score0.00215EPSS
Exploits1References7
Snyk
Snyk
added 2025/07/04 9:2 p.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the H5FSsectlinksize function. An attacker can cause a crash or denial of service by providing specially crafted input that triggers a heap-based buffer overflow. Remediation A fix was pushed into the mast...

5.5CVSS4.3AI score0.00215EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/07/04 12:0 a.m.3 views

HDF5 安全漏洞

HDF5 is a library of HDF open source . HDF5 version 1.14.6 there is a buffer overflow vulnerability , the vulnerability stems from the file src/H5FSsection.c function H5FSsectlinksize failed to correctly validate the length of the input data size , a remote attacker can use this vulnerability on...

5.5CVSS8.1AI score0.00215EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/14 12:0 a.m.16 views

Amazon Linux 2 : kernel, --advisory ALAS2-2024-2696 (ALAS-2024-2696)

The version of kernel installed on the remote host is prior to 4.14.355-271.569. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2696 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow...

7.8CVSS6.5AI score0.00879EPSS
Exploits2References38
CNNVD
CNNVD
added 2025/02/18 12:0 a.m.4 views

DENX Software Engineering Das U-Boot 安全漏洞

DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in versions prior to DENX Software Engineering Das U-Boot 2025.01-rc1 that stems from an integer overflow in the symbolic link size calculation...

7.1CVSS8AI score0.00359EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: sanity check for symbolic link sizes Syzkiller reports a bug named “KMSAN: uninit-value in picklink”. This issue is caused by an uninitialized page, which ultimately results from reading a corrupted symbolic link siz...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References3
OSV
OSV
added 2024/10/14 8:16 p.m.12 views

CLSA-2024-1728936982 kernel: Fix of 86 CVEs

drm/amd/pm: Fix negative array index read CVE-2024-46821 - drm/amd/display: Check gpioid before used as array index CVE-2024-46818 - drm/amd/display: Check linkindex before accessing dc-links CVE-2024-46813 - drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox...

9.1CVSS7AI score0.01219EPSS
Exploits2References1
OSV
OSV
added 2024/10/10 6:6 p.m.8 views

CLSA-2024-1728583613 Fix of 18 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-46802 - drm/amd/display: added NULL check at start of dcvalidatestream CVE-url: https://ubuntu.com/security/CVE-2024-46818 - drm/amd/display: fix sporadic multiple aux transaction failure - drm/amd/display: Check gpioid before used as array index...

7.8CVSS6.8AI score0.00299EPSS
Exploits0References1
NVD
NVD
added 2024/09/18 8:15 a.m.18 views

CVE-2024-46744

In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in picklink" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason...

7.8CVSS0.00299EPSS
Exploits0References12
OSV
OSV
added 2024/09/18 8:15 a.m.3 views

UBUNTU-CVE-2024-46744

In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in picklink" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason...

7.8CVSS6.2AI score0.00299EPSS
Exploits0References27
Rows per page
Query Builder