Lucene search

1873 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Thermal: Intel: PowerClamp: Fixing a mismatch in the get function for maxIdle. KASAN reported this issue. 444.853098 BUG: KASAN: Global-out-of-bounds condition in paramgetint+0x77/0x90 444.853111 A size 4 value was read from the...

7.1 CVSS · 5.5 AI score · 0.00097 EPSS
Exploits 0 · References 2
AstraLinux
added 2026/05/20 5:53 a.m. · 3 views

Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm: Avoid overflows in the dirty throttling logic. The dirty throttling logic relies on assumptions that dirty limits in PAGESIZE units fit within 32-bit boundaries so that various calculations can be performed within 64 bits. If...

4.4 CVSS · 6.2 AI score · 0.00013 EPSS
Exploits 0 · References 2
AstraLinux
added 2026/05/20 5:53 a.m. · 3 views

Astra Linux - vulnerability in linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: In the net/sched module, there is an issue with taprio: Limiting TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller encountered a division error 0 in the divs64rem function, which is called from getcycletimeelapsed. In this functio...

5.5 AI score · 0.00028 EPSS
Exploits 0 · References 1
AstraLinux
added 2026/05/20 5:53 a.m. · 5 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in many qmi element information structures accounts for null-terminated strings with a length of MAXLEN + 1. If a string actually has a length o...

5.8 AI score · 0.00044 EPSS
Exploits 0 · References 2
AstraLinux
added 2026/05/20 5:53 a.m. · 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mapletree: fixed a potential out-of-bounds access in maswrendpiv Check the write offset’s end bounds before using it as an offset into the pivot array. This prevents possible out-of-bounds accesses to the pivot array if the...

5.7 AI score · 0.00028 EPSS
Exploits 0 · References 1
AstraLinux
added 2026/05/20 5:53 a.m. · 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A crash occurred during the disabling of turbo mode. When the system is booted with the kernel command line arguments “nosmt” or “maxcpus” to limit the number of CPUs, disabling turbo mode by executing: echo...

5.5 CVSS · 5.6 AI score · 0.00017 EPSS
Exploits 0 · References 1
AstraLinux
added 2026/05/20 5:53 a.m. · 2 views

Astra Linux - vulnerability in linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Added a check for the srqmaxsge attribute. The maxsge attribute is provided by the user and is inserted and used unchecked. Therefore, ensure that the value does not exceed the maximum allowed value before using it...

5.5 CVSS · 6.2 AI score · 0.00017 EPSS
Exploits 0 · References 2
AstraLinux
added 2026/05/20 5:53 a.m. · 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: Annotated data-race in ndiscrouterdiscovery The syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This seems fine, as long as IFLAINET6RAMTU is implemented with best effort. A...

5.5 CVSS · 5.8 AI score · 0.00018 EPSS
Exploits 0 · References 1
AstraLinux
added 2026/05/20 5:53 a.m. · 3 views

Astra Linux - vulnerability in linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: media: s5pcec: limit msglen to CECMAXMSGSIZE I expect that the hardware will have limited this value to 16, but just in case it isn’t the case, check for this corner case...

5.5 CVSS · 6.2 AI score · 0.0002 EPSS
Exploits 0 · References 2
Anthropic
added 2026/05/20 1:20 a.m. · 9 views

ANT-2026-6615Y595 · wolfSSL · Heap Buffer Overflow

heap-buffer-overflow medium CVE-2026-5448 Severity Claude medium · Security research firm medium · Maintainer - REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Calif. ANT-2026-6615Y595: Final Assessment: 2-Byte Heap Overflow in wolfSSLX509notAfter /...

4.3 CVSS · 5.9 AI score · 0.00019 EPSS
Exploits 0
Positive Technologies
added 2026/05/19 12:0 a.m. · 9 views

PT-2026-41968

Summary The Mailpit SMTP server has a Server.MaxSize int field that controls the maximum allowed DATA payload size, but the field is never assigned anywhere outside test code, leaving it at Go's zero value 0 ⇒ "no limit". The same applies to the HTTP /api/v1/send endpoint, whose request body is...

7.5 CVSS · 5.8 AI score
Exploits 0 · References 4
EUVD
added 2026/05/18 5:42 p.m. · 7 views

EUVD-2026-30789

NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodevop function in sys/opencrypto/cryptodev.c where the local variable iovlen is declared as a signed int but assigned from an unsigned cop-dstlen value, causing undefined behavior when cop-dstlen exceeds...

5.7 CVSS · 5.9 AI score · 0.00013 EPSS
Exploits 0 · References 3
OSV
added 2026/05/15 12:0 p.m. · 4 views

RUSTSEC-2026-0154 Unbounded 32-bit allocation

Both the SSH agent server and client accepted peer-controlled frame lengths without enforcing a maximum frame size. This could cause large memory allocations while parsing a maliciously crafted agent frame. A malicious peer could advertise an oversized frame length, causing the client or server t...

7.5 CVSS · 5.9 AI score · 0.0004 EPSS
Exploits 0 · References 4
NVD
added 2026/05/14 8:17 p.m. · 6 views

CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

7.8 CVSS · 0.00013 EPSS
Exploits 1 · References 1
EUVD
added 2026/05/14 8:1 p.m. · 5 views

EUVD-2026-30409

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...

7.4 CVSS · 6.3 AI score · 0.00015 EPSS
Exploits 0 · References 1
Debian CVE
added 2026/05/14 8:1 p.m. · 4 views

CVE-2026-44636

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...

7.8 CVSS · 6.3 AI score · 0.00015 EPSS
Exploits 0
EUVD
added 2026/05/13 6:30 p.m. · 6 views

EUVD-2026-30013

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vrr: Configure VRR timings after enabling TRANSDDIFUNCCTL Apparently ICL may hang with an MCE if we write TRANSVRRVMAX/FLIPLINE before enabling TRANSDDIFUNCCTL. Personally I was only able to reproduce a hang on an Dell X...

5.7 AI score · 0.00022 EPSS
Exploits 0 · References 4
RedHat Linux
added 2026/05/13 5:54 a.m. · 5 views

freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The Stream_EnsureCapacity function can create an endless blocking loop, leading to a Denial of Service (DoS). This vulnerability can be exploited on 32-bit systems where the available physical memory is greater than o...

7.5 CVSS · 5.8 AI score · 0.00081 EPSS
Exploits 1 · References 6
SUSE CVE
added 2026/05/13 3:35 a.m. · 5 views

SUSE CVE-2026-43304

In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPHMAXKEYLEN When decoding the key, verify that the key material would fit into a fixed-size buffer in processauthdone and generally has a sane length. The new CEPHMAXKEYLEN check replaces the existin...

9.8 CVSS · 5.8 AI score · 0.00078 EPSS
Exploits 0 · References 3
RedHat Linux
added 2026/05/12 11:31 p.m. · 10 views

freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The Stream_EnsureCapacity function can create an endless blocking loop, leading to a Denial of Service (DoS). This vulnerability can be exploited on 32-bit systems where the available physical memory is greater than o...

7.5 CVSS · 5.8 AI score · 0.00081 EPSS
Exploits 1 · References 6