CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite file in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has...

6.5CVSS6.3AI score0.00112EPSS

Exploits0References2

SUSE CVE•added 2026/05/02 1:25 a.m.•7 views

SUSE CVE-2026-31694

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuseadddirenttocache computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks...

7.8CVSS5.8AI score0.00015EPSS

Exploits0References22

NVD•added 2026/05/01 2:16 p.m.•2 views

CVE-2026-31694

7.8CVSS0.00015EPSS

Exploits0References8

CVE•added 2026/05/01 1:53 p.m.•7 views

CVE-2026-31694

Summary: CVE-2026-31694 fixes a Linux kernel FUSE directory-entry handling flaw. A malicious FUSE server could cause a 24-byte overflow by returning a dirent whose serialized size (based on namelen) exceeds a single PAGE_SIZE. The bug arises in fuse_add_dirent_to_cache(), which previously only ch...

7.8CVSS5.8AI score0.00015EPSS

Exploits0References8Affected Software1

ATTACKERKB•added 2026/05/01 1:53 p.m.•1 views

CVE-2026-31694

5.8AI score0.00015EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2026/05/01 12:0 a.m.•2 views

PT-2026-36324

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fuse add dirent to cache function where the system computes a serialized directory entry dirent size based on the server-controlled namelen field and copies it int...

9.8CVSS5.8AI score0.00066EPSS

Exploits0References60

Tenable Nessus•added 2025/10/27 12:0 a.m.•4 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-47692)

In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that has been...

6.5CVSS6.2AI score0.00112EPSS

Exploits0References5

Debian•added 2025/10/13 2:45 p.m.•2 views

[SECURITY] [DLA 4329-1] libfcgi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4329-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 13, 2025 https://wiki.debian.org/LTS -...

9.3CVSS7.2AI score0.00135EPSS

Exploits0

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-381973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-381973 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in...

6.5CVSS6.4AI score0.00112EPSS

Exploits0References3

RedHat Linux•added 2025/06/11 10:24 a.m.•3 views

perl-fcgi: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library

A flaw was found in the FCGI library. In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. This occurs in ReadParams in fcgiapp.c...

9.3CVSS5.9AI score0.00758EPSS

Exploits1References10

RedHat Linux•added 2025/05/13 8:28 a.m.•1 views

kernel: nfsd: return -EINVAL when namelen is 0

6.5CVSS6.5AI score0.00112EPSS

Exploits0References5

OSV•added 2025/01/10 12:15 p.m.•1 views

DEBIAN-CVE-2025-23016

FastCGI fcgi2 aka fcgi 2.x through 2.4.4 has an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c...

9.3CVSS8.3AI score0.00135EPSS

Exploits0References1

Amazon•added 2024/10/31 12:0 a.m.•0 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump...

9.1CVSS7AI score0.00112EPSS

Exploits1

SUSE CVE•added 2024/10/21 3:47 p.m.•1 views

SUSE CVE-2024-47692

5.5CVSS6.3AI score0.00112EPSS

Exploits0References19

OSV•added 2024/10/21 12:15 p.m.•6 views

AZL-50939 CVE-2024-47692 affecting package kernel for versions less than 6.6.56.1-5

6.5CVSS6.7AI score0.00112EPSS

Exploits0References1

OSV•added 2024/10/21 12:15 p.m.•1 views

DEBIAN-CVE-2024-47692