Lucene search
K

87 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.7 views

SUSE CVE-2026-53206

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53206

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...

5.5CVSS0.00112EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53206

CVE-2026-53206 affects the Linux kernel (accel/ivpu) where the firmware runtime memory in the image header lacked proper bounds checks. The issue is addressed by validating alignment and sizing to ensure the firmware image fits in memory, preventing allocation or transfer errors. The available co...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.12 views

PT-2026-52302

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where the firmware runtime memory specified in the image header is not properly validated. The lack of bounds checks for alignment and size ca...

5.5CVSS6AI score0.00112EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fixed the potential NULL pointer dereferencing in wpcmfiuprobe. The platformgetresourcebyname function may return NULL, which could lead to a crash when the pointer to resourcesize is passed as an argument. The...

5.5CVSS6AI score0.00114EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 3:49 p.m.22 views

CVE-2026-46261

CVE-2026-46261 relates to the Linux kernel wpcm-fiu SPI driver. The issue is a potential NULL pointer dereference when platform_get_resource_byname() returns NULL, if the NULL is dereferenced by resource_size(). The patch moves the fiu->memory_size assignment to occur after the error check for...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/20 7:46 p.m.15 views

freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. The StreamEnsureCapacity function can create an endless blocking loop, leading to a Denial of Service DoS. This vulnerability can be exploited on 32-bit systems where the available physical memory is greater than o...

7.5CVSS5.8AI score0.00346EPSS
Exploits1References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: added a sanity check on the previous kernel’s ima kexec buffer. When the second-stage kernel is booted via kexec with a limiting command line such as “mem=”, the physical range that contains the carried over IMA...

5.5CVSS6AI score0.00123EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/06 12:30 p.m.12 views

EUVD-2026-27732

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.7AI score0.00127EPSS
Exploits0References5
CVE
CVE
added 2026/05/06 11:27 a.m.16 views

CVE-2026-43169

The CVE-2026-43169 issue lies in the Linux kernel DRM_BUDDY code (drm/buddy) where contiguous allocations (and large non-contiguous allocations) are rounded up to a power of two or aligned, potentially producing a size > mm->size and triggering BUG_ON(order > mm->max_order). If such a...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/05 6:33 p.m.9 views

GHSA-W26R-RMM8-9C29 Django has an Improper Handling of Length Parameter Inconsistency

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated Content-Length header can bypass the FILEUPLOADMAXMEMORYSIZE limit, potentially loading large files into memory and causing service degradation. As a reminder, Django expects a limit to ...

6.3CVSS5.8AI score0.00423EPSS
Exploits0References6
OSV
OSV
added 2026/05/05 4:16 p.m.16 views

PYSEC-2026-54

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated Content-Length header can bypass the FILEUPLOADMAXMEMORYSIZE limit, potentially loading large files into memory and causing service degradation. As a reminder, Django expects a limit to ...

6.3CVSS5.8AI score0.00423EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/05 2:49 p.m.4 views

CVE-2026-5766

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated Content-Length header can bypass the FILEUPLOADMAXMEMORYSIZE limit, potentially loading large files into memory and causing service degradation. As a reminder, Django expects a limit to ...

6.3CVSS5.8AI score0.00423EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/13 11:26 p.m.7 views

SUSE CVE-2026-34988

Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...

6.3CVSS5.8AI score0.00286EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/09 8:23 p.m.12 views

Wasmtime has data leakage between pooling allocator instances

Impact Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the virtual memory permissions for linear memory used the wrong predicate to determin...

6.3CVSS5.7AI score0.00286EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/09 8:23 p.m.5 views

GHSA-6WGR-89RJ-399P Wasmtime has data leakage between pooling allocator instances

Impact Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the virtual memory permissions for linear memory used the wrong predicate to determin...

2.3CVSS5.7AI score0.00286EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/09 8:23 p.m.7 views

EUVD-2026-21033

Wasmtime has data leakage between pooling allocator instances...

2.3CVSS5.9AI score0.00286EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 7:16 p.m.7 views

DEBIAN-CVE-2026-34988

Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...

6.3CVSS5.4AI score0.00286EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 6:52 p.m.5 views

CVE-2026-34988

Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...

2.3CVSS5.9AI score0.00286EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/09 6:52 p.m.26 views

CVE-2026-34988 Wasmtime leaks data between pooling allocator instances

Wasmtime is a runtime for WebAssembly. From 28.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of its pooling allocator contains a bug where in certain configurations the contents of linear memory can be leaked from one instance to the next. The implementation of resetting the...

2.3CVSS0.00286EPSS
Exploits0References1
Rows per page
Query Builder