Lucene search
K

39 matches found

RedHat Linux
RedHat Linux
added 2026/06/16 7:17 p.m.8 views

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

A flaw was found in the Linux kernel. A buffer overflow vulnerability exists in the Xen hypervisor driver drivers/xen/sys-hypervisor.c. This flaw occurs because the HYPERVISORxenversionXENVERbuildid function returns a build ID that is not properly null-terminated. When the buildidshow function...

7.8CVSS5.7AI score0.00197EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/16 6:39 p.m.6 views

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

A flaw was found in the Linux kernel. A buffer overflow vulnerability exists in the Xen hypervisor driver drivers/xen/sys-hypervisor.c. This flaw occurs because the HYPERVISORxenversionXENVERbuildid function returns a build ID that is not properly null-terminated. When the buildidshow function...

7.8CVSS5.7AI score0.00197EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/01 6:4 p.m.11 views

CVE-2026-43623

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the rawtoheader function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

8.8CVSS6AI score0.00318EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/01 6:4 p.m.13 views

EUVD-2026-33741

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the rawtoheader function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

8.8CVSS6AI score0.00318EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/01 6:4 p.m.11 views

CVE-2026-43623 microtar 0.1.0 Stack-Based Buffer Overflow via raw_to_header()

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the rawtoheader function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

8.8CVSS6AI score0.00318EPSS
Exploits0References4
CVE
CVE
added 2026/06/01 6:4 p.m.19 views

CVE-2026-43623

CVE-2026-43623 affects microtar up to version 0.1.0. A stack-based buffer overflow in the raw_to_header() function (src/microtar.c) can be triggered by crafted TAR archives with non-null-terminated name or linkname fields. The function uses strcpy() to copy 100-byte ustar fields, which can write ...

8.8CVSS6AI score0.00318EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.17 views

PT-2026-45517

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw to header function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

8.8CVSS6AI score0.00318EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/19 10:19 p.m.11 views

jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References6
OSV
OSV
added 2026/05/19 12:0 a.m.13 views

ALSA-2026:19151 Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:6 p.m.9 views

jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.10 views

RHEL 8 : jq (RHSA-2026:18048)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:18048 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

8.2CVSS5.9AI score0.00559EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/04/14 6:19 p.m.4 views

CVE-2026-39979

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

8.2CVSS5.4AI score0.00559EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/13 10:18 p.m.22 views

CVE-2026-39979 jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...

6.9CVSS0.00559EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/13 10:18 p.m.4 views

CVE-2026-39979 jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...

6.9CVSS5.9AI score0.00559EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/02 5:52 p.m.9 views

EUVD-2026-18464

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.10, in NanoMQ's webhookinproc.c, the hookworkcb function processes nng messages by parsing the message body with cJSONParsebody. The body is obtained from nngmsgbodymsg, which is a binary buffer without a...

4.9CVSS5.9AI score0.00359EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/29 3:26 a.m.6 views

CVE-2026-24852

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

8.1CVSS6AI score0.00249EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/28 12:27 a.m.5 views

CVE-2026-24852

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

6.1CVSS6AI score0.00249EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/01/28 12:27 a.m.9 views

EUVD-2026-4911

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen function attempts to read a non-null-terminated buffer potentially leaking heap memory...

6.1CVSS6AI score0.00249EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:6 p.m.3 views

CVE-2025-71123

In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...

5.4AI score0.00153EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-3955

Malware in sbrugna...

7.8CVSS7.7AI score0.00178EPSS
Exploits0References3
Rows per page
Query Builder