Lucene search
K

116 matches found

SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.14 views

SUSE CVE-2026-46190

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

5.5CVSS5.8AI score0.00131EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-46190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed t...

7.1CVSS7AI score0.00131EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46190

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

7.1CVSS0.00131EPSS
Exploits0References6
OSV
OSV
added 2026/05/28 10:16 a.m.10 views

UBUNTU-CVE-2026-46190

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

7.1CVSS5.7AI score0.00131EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:36 a.m.34 views

CVE-2026-46190

Summary (CVE-2026-46190) : A Linux kernel vulnerability in the MTD SPI-NOR debugfs code caused an out-of-bounds read in spi_nor_params_show() due to passing an array of pointers to spi_nor_print_flags() with sizeof(snor_f_names). Since sizeof on a pointer array yields bytes, not element count, th...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/05/28 9:36 a.m.1 views

CVE-2026-46190 mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

7.1CVSS6.5AI score0.00131EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.15 views

CVE-2026-46190

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/05/28 9:36 a.m.11 views

EUVD-2026-32817

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

5.8AI score0.00131EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.42 views

CVE-2026-46190 mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

7.1CVSS0.00131EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46190

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

7.1CVSS5.7AI score0.00131EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the sizeofsnorfnames function in the spnornparamsshow function within the mtd spi-nor...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44313

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An out-of-bounds read exists in the spi nor params show function within the spi-nor debugfs component. The issue occurs...

9.1CVSS5.9AI score0.00514EPSS
Exploits9References292
RedhatCVE
RedhatCVE
added 2026/05/21 12:53 p.m.14 views

CVE-2026-42334

A flaw was found in Mongoose, a MongoDB object modeling tool. A remote attacker could bypass the sanitizeFilter query sanitization mechanism by injecting malicious operators, such as $ne, $gt, or $regex, within a $nor clause. This vulnerability arises because the $nor operator was not properly...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: The issue of out-of-bounds shift during spinorseterasetype has been fixed. spinorseterasetype was used either to set or to mask an erase type. When it was used to mask an erase type, an out-of-bounds condition...

5.9AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 5:48 a.m.5 views

BIT-MONGOOSE-2026-42334 Mongoose: Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query sanitization mechanism via the $nor operator. When sanitizeFilter is enabled, Mongoose wraps quer...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 6:16 p.m.20 views

CVE-2026-42334

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query sanitization mechanism via the $nor operator. When sanitizeFilter is enabled, Mongoose wraps quer...

7.5CVSS0.00274EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 6:3 p.m.41 views

CVE-2026-42334 Mongoose: Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query sanitization mechanism via the $nor operator. When sanitizeFilter is enabled, Mongoose wraps quer...

7.5CVSS0.00274EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 6:3 p.m.8 views

CVE-2026-42334

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query sanitization mechanism via the $nor operator. When sanitizeFilter is enabled, Mongoose wraps quer...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/14 6:3 p.m.37 views

EUVD-2026-30349

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query sanitization mechanism via the $nor operator. When sanitizeFilter is enabled, Mongoose wraps quer...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 6:3 p.m.10 views

CVE-2026-42334 Mongoose: Improper Sanitization of $nor in sanitizeFilter May Allow NoSQL Injection

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability allows bypassing Mongoose’s sanitizeFilter query sanitization mechanism via the $nor operator. When sanitizeFilter is enabled, Mongoose wraps quer...

7.5CVSS5.8AI score0.00274EPSS
Exploits0References1
Rows per page
Query Builder