Lucene search
K

47 matches found

OSV
OSV
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/28 9:35 a.m.12 views

EUVD-2026-32887

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:35 a.m.30 views

CVE-2026-46128

The CVE-2026-46128 issue concerns the Linux kernel IPMI event message handling. The root cause is an insufficiently validated event message buffer/data size occurring when fetching events, with some BMCs returning an empty message instead of an error. This leads to a potential failure in processi...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:35 a.m.9 views

CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00128EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.10 views

CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.5CVSS5.8AI score0.00128EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to promptly check the response data in the IPMI event message buffer. This could lead to...

5.8AI score0.00128EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.18 views

PT-2026-44251

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue exists in the ipmi module where the event message buffer response data size was checked too late during processing. Some Baseboard Management Controllers BMCs may return an emp...

9.8CVSS6.2AI score0.00525EPSS
Exploits8References293
NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-46103

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

5.5CVSS0.00114EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 12:59 p.m.2 views

CVE-2026-46103 can: ucan: fix devres lifetime

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

5.5CVSS6AI score0.00114EPSS
Exploits0References11
CVE
CVE
added 2026/05/27 12:59 p.m.30 views

CVE-2026-46103

CVE-2026-46103 affects the Linux kernel, specifically the USB stack where can: ucan fixes the devres lifetime. The root cause is that resources bound to USB interfaces were not guaranteed to outlive the parent USB device, leading to memory leaks when drivers unbind (e.g., during probe deferrals o...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.20 views

PT-2026-43971

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lifetime bookkeeping error exists in the ucan driver within the CAN subsystem. USB drivers bind to USB interfaces, and device managed resources must have their lifetime tied to the...

5.5CVSS5.9AI score0.00114EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.14 views

PT-2026-41786

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description The per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can reach up to 8KB. If a CPU mismatch occurs between...

5.9CVSS5.9AI score0.00287EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/03/09 12:25 p.m.33 views

CVE-2026-3038 Local DoS and possible privilege escalation via routing sockets

The rtsockmsgbuffer function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddrstorage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not necessarily the case, and it's...

0.00468EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/09 12:25 p.m.2 views

CVE-2026-3038 Local DoS and possible privilege escalation via routing sockets

The rtsockmsgbuffer function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddrstorage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not necessarily the case, and it's...

6AI score0.00468EPSS
Exploits1References1
CVE
CVE
added 2026/03/09 12:25 p.m.66 views

CVE-2026-3038

The CVE-2026-3038 issue is a FreeBSD routing socket bug in rtsock_msg_buffer() that can overflow a stack buffer on the stack, overwriting the canary and causing a kernel panic. It arises when a source sockaddr length is not validated, allowing unprivileged users to trigger a 127-byte overflow and...

7.5CVSS6AI score0.00468EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.9 views

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has a security vulnerability that stems from the rtsockmsgbuffer function not verifying the length field of the source sockaddr. This can lead to a stack buffer overflow, potentially causing a kernel crash...

7.5CVSS5.9AI score0.00468EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.7 views

FreeBSD Security Advisory - FreeBSD-SA-26:05.route

FreeBSD Security Advisory - The rtsockmsgbuffer function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddrstorage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not...

6AI score0.00468EPSS
Exploits1
FreeBSD Advisory
FreeBSD Advisory
added 2026/02/24 12:0 a.m.6 views

FreeBSD-SA-26:05.route

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:05.route Security Advisory The FreeBSD Project Topic: Local DoS and possible privilege escalation via routing sockets Category: core Module: route Announced:...

7.5CVSS6.1AI score0.00468EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/01/15 11:25 p.m.3 views

CVE-2021-47793 Telegram Desktop 2.9.2 - Denial of Service (PoC)

Telegram Desktop 2.9.2 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized message payload. Attackers can generate a 9 million byte buffer and paste it into the messaging interface to trigger an application crash...

7.5CVSS6.5AI score0.00451EPSS
Exploits1References3
NVD
NVD
added 2025/11/29 3:15 a.m.7 views

CVE-2025-66216

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been...

9.8CVSS0.00443EPSS
Exploits1References2
Rows per page
Query Builder