Lucene search
K

18 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: PowerPC: Fixed virtaddrvalid for 64-bit Book3E & 32-bit systems. MPE: On 64-bit Book3E, the vmalloc space starts at 0x8000000000000000. Due to the way pa works, pa0x8000000000000000 returns 0. Therefore,...

5.5CVSS5.7AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: A strict bound check was performed before using memcmp in ocfs2xattrfindEntry. The xattr function in ocfs2 might be “non-indexed”, which requires additional space for storage. It’s better to check whether the memory is out...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/15 2:47 a.m.7 views

CVE-2023-31317

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

8.8CVSS6.2AI score0.00104EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013377)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013377 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed'...

5.5CVSS6.7AI score0.00239EPSS
Exploits0References4
OSV
OSV
added 2026/03/23 6:14 p.m.2 views

GO-2026-4727 Mattermost fails to bound memory allocation when processing PSD image files in github.com/mattermost/mattermost-server

Mattermost fails to bound memory allocation when processing PSD image files in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References2
OSV
OSV
added 2026/03/23 6:14 p.m.5 views

GO-2026-4733 Mattermost fails to bound memory allocation when processing DOC files in github.com/mattermost/mattermost-server

Mattermost fails to bound memory allocation when processing DOC files in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

4.3CVSS5.8AI score0.00267EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/01 12:23 a.m.4 views

SUSE CVE-2025-69261

WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...

7.5CVSS6.8AI score0.00285EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.3 views

Siemens SIMATIC Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-41016)

ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images. This plugin only...

5.5CVSS6.7AI score0.00239EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/03/03 9:15 a.m.5 views

CVE-2025-1864

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before 5.9.9...

10CVSS7.3AI score0.00445EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.6 views

The vulnerability of Ollama’s system for running and managing large language models, related to out-of-memory reading, allows a perpetrator to trigger a service failure.

The vulnerability of the Ollama system for running and managing large language models is related to memory-bound reading. Exploiting this vulnerability could allow a malicious actor to trigger a service disruption segmentation attack through the use of a specially created file...

8.5CVSS7.5AI score0.02479EPSS
Exploits1References5Affected Software3
OSV
OSV
added 2024/09/24 2:15 a.m.7 views

CVE-2024-38268

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

4.9CVSS6AI score0.00431EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/08/06 2:2 a.m.5 views

SUSE CVE-2024-41016

In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this...

5.5CVSS6.3AI score0.00239EPSS
Exploits0References37
OSV
OSV
added 2024/07/29 7:15 a.m.3 views

UBUNTU-CVE-2024-41016

In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References34
RedHat Linux
RedHat Linux
added 2024/05/29 1:33 p.m.4 views

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

7.5CVSS7.3AI score0.01137EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/12/04 12:0 a.m.5 views

The vulnerability of Adobe InDesign’s computer layout automation tool, related to memory-bound reading, allows attackers to exploit it to disclose protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to memory-walking attacks. Exploiting this vulnerability can allow attackers to disclose protected information...

5.5CVSS5.9AI score0.00339EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2023/09/19 3:9 p.m.3 views

kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()

An out-of-bounds OOB memory access flaw was found in the Netfilter module in the Linux kernel's nftbyteordereval in net/netfilter/nftbyteorder.c. A bound check failure allows a local attacker with CAPNETADMIN access to cause a local privilege escalation issue due to incorrect data alignment...

7.8CVSS6.6AI score0.02154EPSS
Exploits2References6
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.5 views

The vulnerability of the multimedia library libvpx, related to reading beyond the buffer boundaries of memory, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the multimedia library libvpx is related to a memory-bound read error. Exploiting this vulnerability could allow an attacker to gain access to confidential data remotely...

7.1CVSS6.8AI score0.02571EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2016/06/17 12:0 a.m.6 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

The vulnerability of the SkRegion::readFromMemory function in the Google Chrome browser’s Skia component is related to the lack of checking for counter intervals. Exploiting this vulnerability can allow a malicious actor to trigger a service failure memory-bound reading by using a specially craft...

4.3CVSS7AI score0.01234EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder