CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/05/06 5:47 p.m.•3 views

CVE-2026-43105

A flaw was found in the drm/vc4 component of the Linux kernel. This vulnerability is due to a memory leak where the Buffer Object BO array, allocated during a hang state, is not properly freed. A local attacker could exploit this by repeatedly triggering the hang state, leading to memory exhausti...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References4

NVD•added 2026/05/06 10:16 a.m.•8 views

CVE-2026-43105

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc in vc4savehangstate but never freed in vc4freehangstate. Add the missing kfree for the BO array before freeing the...

5.5CVSS0.00013EPSS

Exploits0References8

Cvelist•added 2026/05/06 7:40 a.m.•22 views

CVE-2026-43105 drm/vc4: Fix memory leak of BO array in hang state

0.00013EPSS

Exploits0References8

CVE•added 2026/05/06 7:40 a.m.•8 views

CVE-2026-43105

The CVE-2026-43105 issue affects the Linux kernel’s DRM VC4 driver. The root cause is a memory leak where the hang state’s BO array is allocated with kzalloc() in vc4_save_hang_state() but is not freed in vc4_free_hang_state(), leaving memory allocated when the hang state is freed. A kfree() for ...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References8Affected Software1

OSV•added 2024/11/06 8:15 p.m.•2 views

DEBIAN-CVE-2024-51754

Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...

2.2CVSS5.2AI score0.00135EPSS

Exploits0References1

CNNVD•added 2024/11/06 12:0 a.m.•1 views

Twig 安全漏洞

Twig is a PHP template engine open-sourced by Twig. Twig has a security vulnerability that stems from the fact that when an object is part of an array or parameter list in a sandbox, an attacker can call the toString method on the object even if the security policy does not allow it...

2.2CVSS6.5AI score0.00135EPSS

Exploits0References3

CNNVD•added 2021/07/13 12:0 a.m.•1 views

Jsish 输入验证错误漏洞

Jsish is a small JavaScript parser written in C with a built-in database.Jsish has a buffer overflow vulnerability in versions prior to 3.0.8, which stems from the failure of the product's JsiObjArraySizer function to restrict integer data boundaries, allowing an attacker to execute arbitrary cod...

9.8CVSS6.6AI score0.0307EPSS

Exploits1References2

Packet Storm•added 2019/01/17 12:0 a.m.•54 views

Microsoft Edge Chakra InlineArrayPush Type Confusion

Microsoft Edge: Chakra: Type confusion with InlineArrayPush CVE-2018-8617 In Chakra, if you add a numeric property to an object having inlined properties, it will start transition to a new type where the space for some of previously inlined properties become for the pointer to the property slots...

7.6CVSS0.5AI score0.90564EPSS

Exploits3

ATTACKERKB•added 2018/05/09 12:0 a.m.•167 views

CVE-2018-8174

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka “Windows VBScript Engine Remote Code Execution Vulnerability.” This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1,...

7.6CVSS7.3AI score0.94283EPSS

In wildExploits9References6

Positive Technologies•added 2017/07/14 12:0 a.m.•1 views

PT-2017-11927

Name of the Vulnerable Software and Affected Versions YARA versions 3.x Description A heap buffer overflow issue exists in the yr object array set item function, located in object.c, which can be triggered by scanning a maliciously crafted .NET file, leading to a denial-of-service attack...

9.1CVSS6.9AI score0.00614EPSS

Exploits12References26