Lucene search
K

210 matches found

CVE
CVE
added 2 days ago13 views

CVE-2026-51541

OpENer 2.3.0 (commit 76b95cf) is affected by CVE-2026-51541 due to an out-of-bounds read in CIP message parsing when processing malformed explicit requests with a forged EPath size. An ENIP SendRRData frame carrying a short CIP payload with a larger declared path_size can cause the parser to cont...

9.1CVSS6.1AI score0.00155EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/29 6:44 p.m.7 views

CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.00137EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/11 8:33 p.m.12 views

Russh SSH message fields were decoded through allocation-first parsers before field-specific bounds

SSH message fields were decoded through allocation-first parsers before field-specific bounds Summary Several russh client and server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH pe...

7.5CVSS6AI score0.00268EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.36 views

CVE-2026-46199 drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg...

7.1CVSS0.00131EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vcn3 decoding message parsing process. This process does not check for boundaries, potentiall...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References5
OSV
OSV
added 2026/05/13 8:53 a.m.8 views

CLSA-2026-1778254557 httpd: Fix of 8 CVEs

CVE-2026-24072: modrewrite/modsetenvif: use APEXPRFLAGRESTRICTED in htaccess to prevent reading server-side files via apexpr from .htaccess - CVE-2026-29169: moddavlock: NULL pointer dereference in davgenericrefreshlocks use dpscan instead of dp - CVE-2026-33006: modauthdigest: timing attack —...

8.8CVSS5.8AI score0.00654EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

SUSE SLED15 / SLES15 Security Update : protobuf (SUSE-SU-2026:1653-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1653-1 advisory. Refresh fixes: - CVE-2025-4565: parsing of untrusted Protocol Buffers data containing an arbitrary number of...

8.2CVSS5.9AI score0.00613EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/04/30 7:43 p.m.5 views

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

2.3CVSS6.1AI score0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/30 7:43 p.m.32 views

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

2.3CVSS0.00252EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 7:43 p.m.4 views

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

2.3CVSS5.9AI score0.00252EPSS
Exploits0References2
CVE
CVE
added 2026/04/30 7:43 p.m.16 views

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in the Secure Access client’s message parsing function prior to 14.50. An attacker able to control a modified server can send a crafted packet to overwrite a small portion of memory, potentially causing memory corruption or denial of service. Remediation: upgra...

9.8CVSS5.9AI score0.00252EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.16 views

PT-2026-36169

Name of the Vulnerable Software and Affected Versions Secure Access client versions prior to 14.50 Description A buffer overflow exists in a message parsing function of the client. Attackers controlling a modified server can send a specially crafted packet to overwrite a small portion of memory,...

9.8CVSS6AI score0.00252EPSS
Exploits0References7
OSV
OSV
added 2026/04/23 10:46 a.m.9 views

CLSA-2026-1776941204 squid: Fix of CVE-2021-28116

CVE-2021-28116: fix out-of-bounds read in WCCPv2 message parsing via stricter bounds validation of security, service, router, view, and capability items...

5.3CVSS5.8AI score0.13005EPSS
Exploits0References1
OSV
OSV
added 2026/04/22 11:0 a.m.12 views

CLSA-2026-1776855642 Fix CVE(s): CVE-2019-17498, CVE-2019-3857

SECURITY UPDATE: Integer overflow leading to out-of-bounds write when SSHMSGCHANNELREQUEST packets with exit signal messages are parsed. - debian/patches/CVE-2019-3857.patch: check namelen + 1 does not overflow before allocation in exit-signal handling. - CVE-2019-3857 SECURITY UPDATE: Integer...

8.8CVSS7.1AI score0.06131EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/06 9:31 p.m.5 views

EUVD-2025-209243

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DA...

10CVSS5.9AI score0.0052EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.6 views

PT-2026-30703

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400 Description A Stack-based Buffer Overflow...

10CVSS5.9AI score0.0052EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.8 views

NanoMQ 安全漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. There is a security vulnerability in NanoMQ, which stems from the use of the hookworkcb function to parse message bodies using cJSONParse. This leads to out-of-bounds read access to unallocated memory...

8.2CVSS5.8AI score0.00359EPSS
Exploits1References3
OSV
OSV
added 2026/03/25 11:16 a.m.6 views

UBUNTU-CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.1 views

CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

5.8AI score0.00123EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/03/03 9:3 p.m.9 views

CLSA-2026-1772571803 munge: Fix of CVE-2026-25506

CVE-2026-25506: fix buffer overflow in message parsing and add bounds checks and input validation for address length; prevent leak of cryptographic MAC subkey and forging of arbitrary credentials...

7.8CVSS7.6AI score0.00302EPSS
Exploits0References1
Rows per page
Query Builder