Lucene search
K

1374 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2026-33378

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

6.5CVSS5.5AI score0.00328EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.21 views

PT-2026-45766

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

8.5CVSS5.8AI score0.00118EPSS
Exploits0References2
CVE
CVE
added 2026/06/01 12:0 a.m.19 views

CVE-2026-37228

FlexRIC v2.0.0 is affected by a reachable assertion in e2ap_recv_sctp_msg() (src/lib/ep/e2ap_ep.c). The code allocates a fixed 32 KB receive buffer and asserts rc = 32,768 bytes to crash the near-RT RIC, iApp, E2 Agent, or xApp process via SIGABRT. All four SCTP endpoint types (ports 36421 and 36...

7.5CVSS6.1AI score0.00642EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/30 2:8 a.m.14 views

SUSE CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

5.9CVSS6AI score0.00337EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 4:43 p.m.12 views

Security Bulletin: Multiple security vulnerabilities addressed with IBM Business Automation Workflow cumulative fixes May 2026

Summary In addition to updating many operating system level packages, the following security vulnerabilities are addressed with IBM Business Automation Workflow cumulative fixes. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and...

9.8CVSS7.3AI score0.87218EPSS
Exploits12Affected Software2
OSV
OSV
added 2026/05/29 1:35 p.m.12 views

OESA-2026-2504 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

8.1CVSS6AI score0.0078EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.12 views

SUSE CVE-2026-46209

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

7CVSS5.8AI score0.00139EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.34 views

RockyLinux 8 : dnsmasq (RLSA-2026:20589)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20589 advisory. dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890 dnsmasq:...

8.8CVSS6AI score0.07237EPSS
Exploits3References11
OSV
OSV
added 2026/05/28 3:43 p.m.12 views

RLSA-2026:19358 Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Denial of service due to use-after-free vulnerability...

7.3CVSS5.8AI score0.00599EPSS
Exploits7References9
EUVD
EUVD
added 2026/05/28 9:36 a.m.14 views

EUVD-2026-32772

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

5.9AI score0.00142EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.35 views

CVE-2026-46145 RDMA/mana: Validate rx_hash_key_len

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

7.8CVSS0.00142EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/27 12:55 p.m.12 views

CVE-2026-45990

In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...

5.5CVSS5.9AI score0.00133EPSS
Exploits0
OSV
OSV
added 2026/05/27 7:56 a.m.10 views

SUSE-SU-2026:2085-1 Security update for postgresql15

This update for postgresql15 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References18
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.15 views

archive-tar-new 安全漏洞

archive-tar-new is a Perl module developed by Jos Boumans, used for creating and manipulating tar files in memory. Versions of archive-tar-new prior to version 3.10 contained security vulnerabilities. These vulnerabilities stemmed from the readtar function, which did not set an upper limit when...

7.5CVSS5.9AI score0.00437EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.22 views

SUSE SLES15 Security Update : nginx (SUSE-SU-2026:2050-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2050-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the...

9.2CVSS9AI score0.61469EPSS
Exploits40References19
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk.Authenticated users who execute specially crafted SETRANGE and SORTRO commands can trigger an integer overflow, causing Redis to attempt to allocate an impossible amount of memory and result in a Memory Out of Control OOM panic. This issue...

5.5CVSS5.9AI score0.33269EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Redis

Redis is an in-memory database that persists data on disk. Redis improperly handles the resizing of memory buffers, which can lead to integer overflows. This can, in turn, cause heap overflows and potentially allow for remote code execution. This issue has been fixed in versions 7.0.15 and 7.2.4...

8.1CVSS6.9AI score0.02582EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX in NET-SNMP-VACM-MIB could lead to an out-of-bounds memory access. A user with read-only credentials could exploit this issue. Version 5.9.2...

8.8CVSS7.1AI score0.01299EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fixed a potential memory overflow issue with staticcommandline. We allocated memory of size ‘xlen + strlenbootcommandline + 1 for staticcommandline. However, the strings copied into staticcommandline were actually...

7.8CVSS6.4AI score0.00279EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: spi: spi-qpic-snand: reallocation of BAM transactions When using the mtdnandbiterrs module to test the driver, occasional issues arise, such as the following: 1. The swiotlb mapping fails with the following message: 85.926216...

5.5CVSS6.9AI score0.00129EPSS
Exploits0References2
Rows per page
Query Builder