Lucene search
K

22 matches found

NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53044

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix incorrect ARRAYSIZE in fabric lookup tables Fix incorrect ARRAYSIZE usage in fabric lookup tables which could cause out-of-bounds access during target timeout lookup...

7.1CVSS0.00124EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.6 views

CVE-2026-53044

In the Linux kernel, the issue affects the soc/tegra: cbb fabric lookup tables due to incorrect ARRAY_SIZE usage. The root cause is an ARRAY_SIZE miscalculation that could lead to out-of-bounds access during target timeout lookup. This has been fixed in the referenced commits; the vulnerability i...

7.1CVSS5.7AI score0.00124EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51938

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the soc/tegra: cbb component where the incorrect use of ARRAY SIZE in fabric lookup tables can lead to out-of-bounds access during target timeout lookup. Out-of-bounds...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/13 2:42 p.m.66 views

CVE-2026-44291 protobufjs: Code generation gadget after prototype pollution

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted, those lookup table...

8.1CVSS0.00499EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/12 3:1 p.m.132 views

protobuf.js: Code generation gadget after prototype pollution

Summary protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted, those lookup tables could resolve attacker-controlled inherited properties as valid protobuf type...

8.1CVSS6AI score0.00499EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/06 10:56 p.m.9 views

CVE-2026-43241

A flaw was found in the Linux kernel component ntbhwswitchtec. This vulnerability allows an attacker to trigger an array-index-out-of-bounds access when handling the number of MW LUTs, which depends on NTB configuration. This invalid access to mwsizes can lead to a Denial of Service DoS condition...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.12 views

EUVD-2026-27702

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...

5.8AI score0.00131EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.29 views

CVE-2026-43141 ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...

0.00131EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-0168

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.00309EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/06 2:32 a.m.4 views

CVE-2025-24802

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

8.6CVSS6.5AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2025/01/30 7:28 p.m.2 views

GHSA-HJ49-H7FQ-PX5H Soundness issue with Plonky2 look up tables

Impact Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens to be divisible by 26. The cause of problem is that the...

8.6CVSS8.4AI score0.00309EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/01/30 7:28 p.m.7 views

Soundness issue with Plonky2 look up tables

Impact Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens to be divisible by 26. The cause of problem is that the...

8.6CVSS6.6AI score0.00309EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/01/30 7:20 p.m.6 views

CVE-2025-24802 Soundness issue with Plonky2 look up tables

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

8.6CVSS6.4AI score0.00309EPSS
Exploits0References5
CVE
CVE
added 2025/01/30 7:20 p.m.52 views

CVE-2025-24802

Summary of CVE-2025-24802 (Plonky2) : The vulnerability stems from padding zeroes in the LookupTableGate mechanism in Plonky2, where lookup tables whose length is not divisible by 26 (computed as floor(num_routed_wires/3)) will always include the 0 -> 0 input-output pair. This allows a malicio...

8.6CVSS8.4AI score0.00309EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/30 7:20 p.m.5 views

CVE-2025-24802 Soundness issue with Plonky2 look up tables

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

8.6CVSS8.4AI score0.00309EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/30 7:20 p.m.16 views

CVE-2025-24802 Soundness issue with Plonky2 look up tables

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floornumroutedwires / 3 always include the 0 - 0 input-output pair. Thus a malicious prover can always prove that f0 = 0 for any lookup table f unless its length happens ...

8.6CVSS0.00309EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/21 12:18 p.m.6 views

CVE-2025-21661 gpio: virtuser: fix missing lookup table cleanups

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from...

6AI score0.00172EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/11/20 3:49 a.m.6 views

SUSE CVE-2024-53046

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: 1.119072 ------------ cut...

5.5CVSS7.7AI score0.00281EPSS
Exploits0References3
OSV
OSV
added 2024/11/19 6:15 p.m.7 views

AZL-53858 CVE-2024-53046 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: 1.119072 ------------ cut...

5.5CVSS6.8AI score0.00281EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2022/04/12 8:0 a.m.77 views

Description of the security update for SharePoint Server 2019: April 12, 2022 (KB5002180)

Description of the security update for SharePoint Server 2019: April 12, 2022 KB5002180 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2022-24472. Note: To...

8CVSS8.4AI score0.01881EPSS
Exploits0
Rows per page
Query Builder