25 matches found
VulnCheck KEV: CVE-2026-6664
An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...
CVE-2026-7969
Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7969
Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7969
Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-23276
In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...
Security update for ovmf
This update for ovmf fixes the following issues: CVE-2022-36765: Fixed integer overflow to buffer overflow via local network vulnerability bsc1218680. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992517)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992517 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with...
edk2 security update
20250905-4.el8 - Create new 20250905 release for OL8 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause "Protection Mechanism Failure" by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where...
OESA-2025-2386 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability ma...
OESA-2025-2299 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability ma...
OESA-2025-2298 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability ma...
Amazon Linux 2 : edk2, --advisory ALAS2-2025-2996 (ALAS-2025-2996)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2996 advisory. EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. CVE-2024-388...
Linux Distros Unpatched Vulnerability : CVE-2025-2295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability...
DEBIAN-CVE-2024-38805
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
CVE-2024-38805
CVE-2024-38805 is an EDK2 BIOS vulnerability where a user may cause an Integer Overflow or Wraparound via network, potentially causing a denial of service. Connected advisories confirm affected EDK2 implementations across Linux distributions (Oracle Linux ELSA advisories for OL8/OL9, Ubuntu USN-7...
CVE-2024-38805 iSCSI Remote Memory Corruption and Denial of Service
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
kernel: virtio-net: fix overflow inside virtnet_rq_alloc
In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnetrqalloc When the frag just got a page, then may lead to regression on VM. Specially if the sysctl net.core.highorderallocdisable value is 1, then the frag always get a page when do refill...
AZL-58822 CVE-2025-2295 affecting package edk2 for versions less than 20230301gitf80f052277c8-45
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
AZL-58828 CVE-2025-2295 affecting package hvloader for versions less than 1.0.1-16
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
CVE-2024-38796
A flaw was found in the EDK2 package. This flaw allows an attacker to cause memory corruption due to an overflow via an adjacent network. This issue may lead to loss of confidentiality, integrity, and availability. Mitigation Mitigation for this issue is either not available or the currently...