CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

SUSE CVE•added 2026/05/09 2:41 a.m.•8 views

SUSE CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

5.7AI score0.00013EPSS

Exploits0References3

RedhatCVE•added 2026/05/06 7:52 p.m.•3 views

CVE-2026-43169

A flaw was found in the drm/buddy component of the Linux kernel. This vulnerability occurs when the system processes memory allocation requests, particularly for contiguous or large non-contiguous blocks. Incorrect rounding of the requested size can lead to an allocation exceeding available memor...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References4

NVD•added 2026/05/06 12:16 p.m.•3 views

CVE-2026-43169

5.5CVSS0.00013EPSS

Exploits0References4

Positive Technologies•added 2026/05/06 12:0 a.m.•5 views

PT-2026-37509

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUG ON by validating rounded allocation When DRM BUDDY CONTIGUOUS ALLOCATION is set, the requested size is rounded up to the next power-of-two via roundup pow of two. Similarly, for non-contiguous allocations...

5.7AI score0.00013EPSS

Exploits0References5

Tenable Nessus•added 2026/04/27 12:0 a.m.•3 views

Fedora 44 : python-cryptography (2026-aa318887d6)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aa318887d6 advisory. Changelog Wed Apr 8 2026 Jeremy Cline - 46.0.7-1 - Update to 46.0.7 - SECURITY ISSUE: Fixed an issue where non-contiguous buffers could be passed to APIs tha...

9.8CVSS5.5AI score0.00023EPSS

Exploits0References2

SUSE CVE•added 2026/04/10 11:25 p.m.•2 views

SUSE CVE-2026-39892

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. This vulnerability is fixed in...

5.3CVSS6AI score0.00023EPSS

Exploits0References3

RedhatCVE•added 2026/04/09 9:58 p.m.•3 views

CVE-2026-39892

A flaw was found in the cryptography library. This vulnerability occurs when a non-contiguous buffer is passed to certain application programming interfaces APIs that accept Python buffers, such as Hash.update. A remote attacker could exploit this to cause a buffer overflow, potentially leading t...

9.8CVSS6AI score0.00023EPSS

Exploits0References6

NVD•added 2026/04/08 9:17 p.m.•2 views

CVE-2026-39892

9.8CVSS0.00023EPSS

Exploits0References2

OSV•added 2026/04/08 9:17 p.m.•2 views

PYSEC-2026-36

9.8CVSS5.9AI score0.00023EPSS

Exploits0References2

PyPA•added 2026/04/08 9:17 p.m.•4 views

PYSEC-2026-36

9.8CVSS5.9AI score0.00023EPSS

Exploits0References2Affected Software1

UbuntuCve•added 2026/04/08 9:17 p.m.•1 views

CVE-2026-39892

9.8CVSS6AI score0.00023EPSS

Exploits0References3

Cvelist•added 2026/04/08 8:49 p.m.•17 views

CVE-2026-39892 cryptography has a buffer overflow if non-contiguous buffers were passed to APIs

6.9CVSS0.00023EPSS

Exploits0References1

Debian CVE•added 2026/04/08 8:49 p.m.•3 views

CVE-2026-39892

9.8CVSS5.5AI score0.00023EPSS

Exploits0

CVE•added 2026/04/08 8:49 p.m.•21 views

CVE-2026-39892

CVE-2026-39892 affects the Python package cryptography. From 45.0.0 to before 46.0.7, passing a non-contiguous buffer to APIs that accept Python buffers (e.g., Hash.update()) could cause buffer overflows. The issue is fixed in version 46.0.7. Remediation: upgrade to cryptography 46.0.7 or later.

9.8CVSS6.1AI score0.00023EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2026/04/08 8:49 p.m.•2 views

CVE-2026-39892

9.8CVSS6.1AI score0.00023EPSS

Exploits0

OSV•added 2026/04/08 7:23 p.m.•1 views

GHSA-P423-J2CM-9VMQ Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs

If a non-contiguous buffer was passed to APIs which accepted Python buffers e.g. Hash.update, this could lead to buffer overflows. For example: python h = HashSHA256 b.updatebuf::-1 would read past the end of the buffer on Python 3.11...

6.9CVSS6AI score0.00023EPSS

Exploits0References4

Snyk•added 2026/04/08 7:23 p.m.•2 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the update function when non-contiguous buffers are provided as input. An attacker can cause memory corruption or unintended behavior by supplying specially crafted non-contiguous buffers to APIs that accept Pytho...

9.8CVSS5.8AI score0.00023EPSS

Exploits0References2

EUVD•added 2026/04/08 7:23 p.m.•3 views

EUVD-2026-20640

Cryptography vulnerable to buffer overflow if non-contiguous buffers were passed to APIs...

6.9CVSS6.2AI score0.00023EPSS

Exploits0References1

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31459

Name of the Vulnerable Software and Affected Versions cryptography versions 45.0.0 through 46.0.6 Description The cryptography package, designed for cryptographic primitives in Python, contains a flaw where non-contiguous buffers passed to APIs accepting Python buffers e.g., Hash.update can lead ...

6.9CVSS6.1AI score0.00023EPSS

Exploits0References11

CNNVD•added 2025/10/28 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of cryptographic buffers in non-contiguous memory, which could cause the kernel to crash...

5.9AI score0.0003EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by