Lucene search
K

4 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in NBD

In nbd-server in nbd before 3.24, there is an integer overflow that leads to a heap-based buffer overflow. A value of 0xffffffff in the name length field causes a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue occurs for the NBDOPTINFO,...

9.8CVSS8.6AI score0.02738EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/26 8:6 p.m.2 views

CVE-2026-0968 Libssh: libssh: denial of service due to malformed sftp message

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS6.4AI score0.00442EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/26 8:6 p.m.25 views

CVE-2026-0968 Libssh: libssh: denial of service due to malformed sftp message

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS0.00442EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.5 views

SUSE CVE-2022-26495

In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBDOPTINFO,...

8.1CVSS7.4AI score0.02738EPSS
Exploits1References4
Rows per page
Query Builder