Lucene search
K

346 matches found

RedHat Linux
RedHat Linux
added 2025/09/08 12:6 p.m.5 views

kernel: udmabuf: fix a buf size overflow issue during udmabuf creation

A buffer-overflow vulnerability was found in the Linux kernel's udmabuf driver. The flaw occurs in the udmabufcreate function, which calculates the page count limit pglimit using the variable sizelimitmb. This size variable can be misinterpreted as either 32-bit or 64-bit, resulting in incorrect...

7.8CVSS7.3AI score0.00177EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/14 9:8 a.m.20 views

CVE-2025-48862

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted...

7.1CVSS0.00106EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-49152

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: XArray: Fix xascreaterange when multi-order entry present If there is already an entry prese...

4.7CVSS5.2AI score0.00187EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-23002

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.16.3, drivers/bluetooth/hciqca.c misinterprets the devmgpiodgetindexoptional return value expects it to be NULL in the error case,...

5.5CVSS6.2AI score0.00246EPSS
Exploits0References2
Snyk
Snyk
added 2025/07/30 8:43 p.m.1 views

Misinterpretation of Input

Overview @finos/git-proxy is a Deploy custom push protections and policies on top of Git. Affected versions of this package are vulnerable to Misinterpretation of Input via the parsePush.ts file. An attacker can bypass approval mechanisms or hide commits by crafting a malicious Git packfile that...

7CVSS6.8AI score0.0047EPSS
Exploits1References2
OSV
OSV
added 2025/07/25 4:15 p.m.3 views

DEBIAN-CVE-2025-38466

In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAPSYSADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the requested offset, but d...

5.5CVSS6AI score0.0017EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/07/23 5:25 p.m.3 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00724EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/07/23 12:30 a.m.5 views

kernel: um: Fix out-of-bounds read in LDT setup

A vulnerability was found in the Linux kernel's user mode um subsystem, specifically within the Local Descriptor Table LDT setup functionality. The issue arises from the syscallstubdata function misinterpreting the datacount parameter as a byte count rather than a count of longs, leading to an...

7.1CVSS7.2AI score0.00264EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/18 8:33 a.m.7 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00724EPSS
Exploits0References8
Snyk
Snyk
added 2025/07/15 7:27 p.m.2 views

Misinterpretation of Input

Overview Affected versions of this package are vulnerable to Misinterpretation of Input in the Optimizer component. A privileged attacker can cause the application to become unresponsive or crash by submitting specially crafted data. Remediation Upgrade libmysqlclient to version 8.1.0 or higher...

5.1CVSS6.8AI score0.00423EPSS
Exploits0References2
Snyk
Snyk
added 2025/07/15 7:27 p.m.1 views

Misinterpretation of Input

Overview Affected versions of this package are vulnerable to Misinterpretation of Input in the InnoDB component. A privileged attacker can cause the application to become unresponsive or crash repeatedly by sending specially crafted requests. Remediation A fix was pushed into the master branch bu...

7.1CVSS6.8AI score0.00559EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/15 12:39 a.m.4 views

kernel: um: Fix out-of-bounds read in LDT setup

A vulnerability was found in the Linux kernel's user mode um subsystem, specifically within the Local Descriptor Table LDT setup functionality. The issue arises from the syscallstubdata function misinterpreting the datacount parameter as a byte count rather than a count of longs, leading to an...

7.1CVSS7.2AI score0.00264EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/14 12:25 a.m.5 views

kernel: um: Fix out-of-bounds read in LDT setup

A vulnerability was found in the Linux kernel's user mode um subsystem, specifically within the Local Descriptor Table LDT setup functionality. The issue arises from the syscallstubdata function misinterpreting the datacount parameter as a byte count rather than a count of longs, leading to an...

7.1CVSS7.2AI score0.00264EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/07 7:12 p.m.5 views

kernel: um: Fix out-of-bounds read in LDT setup

A vulnerability was found in the Linux kernel's user mode um subsystem, specifically within the Local Descriptor Table LDT setup functionality. The issue arises from the syscallstubdata function misinterpreting the datacount parameter as a byte count rather than a count of longs, leading to an...

7.1CVSS7.2AI score0.00264EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/02 1:30 p.m.1 views

kernel: um: Fix out-of-bounds read in LDT setup

A vulnerability was found in the Linux kernel's user mode um subsystem, specifically within the Local Descriptor Table LDT setup functionality. The issue arises from the syscallstubdata function misinterpreting the datacount parameter as a byte count rather than a count of longs, leading to an...

7.1CVSS7.2AI score0.00264EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/06/27 6:18 p.m.15 views

CVE-2025-5826

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not...

6.3CVSS6.5AI score0.00227EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/06/26 12:29 a.m.4 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00724EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/06/26 12:19 a.m.4 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00724EPSS
Exploits0References8
NVD
NVD
added 2025/06/25 6:15 p.m.9 views

CVE-2025-5826

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not...

6.3CVSS0.00227EPSS
Exploits0References1
OSV
OSV
added 2025/06/25 6:15 p.m.4 views

CVE-2025-5826

Autel MaxiCharger AC Wallbox Commercial bleprocessesp32msg Misinterpretation of Input Vulnerability. This vulnerability allows network-adjacent attackers to inject arbitrary AT commands on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. Authentication is not...

6.3CVSS6.1AI score0.00227EPSS
Exploits0References1
Rows per page
Query Builder