Lucene search
K

1374 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.6 views

PT-2026-37816

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux parse theora extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

9.8CVSS7.5AI score0.01344EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-37617

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the APEI/GHES component where the ghes new function fails to properly validate the size of CPER records. While the logic prevents allocating records larger than GHES...

5.5CVSS5.4AI score0.00114EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/05 10:20 a.m.22 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

9.8CVSS6.2AI score0.96267EPSS
Exploits229References5
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.12 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libsoup (UTSA-2026-015469)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015469 advisory. A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processin...

8.6CVSS6.4AI score0.00557EPSS
Exploits0References4
OSV
OSV
added 2026/04/28 5:32 p.m.11 views

USN-8219-1 ujson vulnerabilities

Cameron Criswell discovered that UltraJSON contained a memory leak that would occur when parsing large integers. An attacker could possibly use this issue to cause UltraJSON to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS...

7.5CVSS5.4AI score0.00479EPSS
Exploits1References3
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31590

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/22 9:0 p.m.13 views

rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer

The FFI trampolines behind SslContextBuilder::setpskclientcallback, setpskservercallback, setcookiegeneratecb, and setstatelesscookiegeneratecb forwarded the user closure's returned usize directly to OpenSSL without checking it against the &mut u8 that was handed to the closure. This can lead to...

9.8CVSS6AI score0.00412EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/22 10:28 a.m.5 views

CVE-2026-5450

A flaw was found in glibc GNU C Library. This vulnerability occurs when an application uses the scanf family of functions with a %mc format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination c...

9.8CVSS5.7AI score0.00451EPSS
Exploits1References6
NVD
NVD
added 2026/04/22 7:16 a.m.8 views

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

6.6CVSS0.00102EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/22 5:54 a.m.3 views

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

6.6CVSS5.8AI score0.00102EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/22 5:54 a.m.2 views

CVE-2026-41664

Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...

6.6CVSS5.8AI score0.00102EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 5:54 a.m.14 views

CVE-2026-41664

CVE-2026-41664 describes an integer overflow in the memory copy size calculation within Samsung Open Source ONE. The issue affects versions prior to commit 1.30.0 and can cause invalid memory operations when handling large tensor shapes. The exact vulnerable component is the size calculation duri...

6.6CVSS5.8AI score0.00102EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011173 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

5.5CVSS5.6AI score0.00149EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007030)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007030 advisory. In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution while streaming When an program is streaming ffplay and another...

5.5CVSS5.8AI score0.00148EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012959 advisory. In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential staticcommandline memory overflow We allocate memory of size 'xlen +...

7.8CVSS6.8AI score0.00279EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-010667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010667 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdisurfacebits function processes SURFACEBITSCOMMAND messages sent by the RDP...

9.8CVSS6.2AI score0.00656EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007236)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007236 advisory. In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure userlength is taken into account when fetching packet contents Ensure that...

7.1CVSS6.4AI score0.00296EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.11 views

NI LabVIEW < 2023 Q3 Patch 9 / 2024.x < 2024 Q3 Patch 6 / 2025.x < 2025 Q3 Patch 4 / 2026.x < 2026 Q1 Patch 1 Multiple Memory Corruption Vulnerabilities

The version of National Instruments NI LabVIEW installed on the remote Windows host is affected by multiple memory corruption vulnerabilities that may result in information disclosure or arbitrary code execution, including the following: - There is an out-of-bounds read vulnerability in...

8.5CVSS7.4AI score0.0022EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/04/15 7:18 p.m.8 views

CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5CVSS6.1AI score0.00437EPSS
Exploits0References3
Amazon
Amazon
added 2026/04/14 12:0 a.m.8 views

Important: nginx

Issue Overview: When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the...

8.8CVSS7.8AI score0.21621EPSS
Exploits0
Rows per page
Query Builder