
25 matches found

EUVD
added 2026/05/17 6:43 p.m. | 14 views

EUVD-2026-30708

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds (OOB) write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or info_as_hash, a heap out-of-bounds write would be triggered with remote-code-execution potential (RCE) du...

AI score: 5.9 | EPSS: 0.00648
Exploits: 0 | References: 4

OSV
added 2026/04/23 5:29 p.m. | 4 views

CLSA-2026-1776965343 Fix CVE(s): CVE-2022-29404

SECURITY UPDATE: DoS via unbounded request body in mod_lua - debian/patches/CVE-2022-29404-part1.patch: set AP_DEFAULT_LIMIT_REQ_BODY to 1GB in server/core.c, enforce LimitRequestBody in ap_setup_client_block in modules/http/http_filters.c, remove redundant proxy check in modules/proxy/mod_proxy_http.c. -...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.05678
Exploits: 0 | References: 1

NVD
added 2026/04/22 3:16 a.m. | 10 views

CVE-2026-6386

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shm_create_largepage(3) interface. In particular, it...

CVSS: 6.2 | EPSS: 0.00162
Exploits: 0 | References: 1

Vulnrichment
added 2026/04/22 2:33 a.m. | 7 views

CVE-2026-6386 Missing large page handling in pmap_pkru_update_range()

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shm_create_largepage(3) interface. In particular, it...

AI score: 5.8 | EPSS: 0.00162
Exploits: 0 | References: 1

Positive Technologies
added 2026/04/22 12:0 a.m. | 8 views

PT-2026-34242

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the kernel's handling of protection keys for address ranges. The subroutine responsible for updating page table entries fails to account for 1GB largepage mappings creat...

CVSS: 6.2 | AI score: 5.2 | EPSS: 0.00162
Exploits: 0 | References: 7

Tenable Nessus
added 2026/04/22 12:0 a.m. | 2 views

FreeBSD : FreeBSD -- Missing large page handling in pmap_pkru_update_range() (128951d0-3df0-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 128951d0-3df0-11f1-bb07-bc241121aa0a advisory. In order to apply a particular protection key to an address range, the kernel must update the...

CVSS: 6.2 | AI score: 5.8 | EPSS: 0.00162
Exploits: 0 | References: 2

Tenable Nessus
added 2026/04/22 12:0 a.m. | 17 views

Oracle Linux 8 : osbuild-composer (ELSA-2026-8456)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8456 advisory. 101.4-5.0.1 - Support using repository definitions with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.00728
Exploits: 0 | References: 2

Oracle Linux
added 2026/03/06 12:0 a.m. | 6 views

osbuild-composer security update

101.4-4.0.1 - Support using repository definitions with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types Minimal-raw and wsl JIRA: OLDIS-38123 - Increase default /boot size to 1GB Orabug: 36827079 - support for building OL8/9 images on Oracle Linu...

CVSS: 10 | AI score: 7.1 | EPSS: 0.01945
Exploits: 1

Tenable Nessus
added 2026/01/15 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002910)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002910 advisory. The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maximum...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.02428
Exploits: 9 | References: 9

Tenable Nessus
added 2026/01/15 12:0 a.m. | 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003456 advisory. The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maximum...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.02428
Exploits: 9 | References: 9

GitHub Security Blog
added 2025/11/24 10:42 p.m. | 12 views

pypdf's LZWDecode streams can be manipulated to exhaust RAM

Impact: An attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This is a follow-up to GHSA-jfx9-29x2-rv3j to align the default limit with the one for zlib. Patche...

CVSS: 8.7 | AI score: 6.8 | EPSS: 0.00313
Exploits: 0 | References: 7 | Affected Software: 1

RedHat Linux
added 2024/05/29 1:33 p.m. | 5 views

golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...

CVSS: 5.3 | AI score: 7.3 | EPSS: 0.01208
Exploits: 0 | References: 5

RedHat Linux
added 2024/05/22 8:41 p.m. | 3 views

golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...

CVSS: 5.3 | AI score: 7.3 | EPSS: 0.01208
Exploits: 0 | References: 5

RedHat Linux
added 2024/03/05 6:17 p.m. | 4 views

golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...

CVSS: 5.3 | AI score: 7.3 | EPSS: 0.01208
Exploits: 0 | References: 5

RedHat Linux
added 2024/02/29 9:6 a.m. | 5 views

golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests

A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...

CVSS: 5.3 | AI score: 7.3 | EPSS: 0.01208
Exploits: 0 | References: 5

SUSE CVE
added 2023/02/15 4:35 a.m. | 2 views

SUSE CVE-2017-1000371

The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimu...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.02428
Exploits: 6 | References: 6

OSV
added 2022/11/17 5:25 p.m. | 8 views

CLSA-2022-1668705928 httpd: Fix of 2 CVEs

CVE-2022-28614: handle large writes in ap_rputs - CVE-2022-29404: use a liberal default limit for LimitRequestBody of 1GB...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.05678
Exploits: 0 | References: 1

ATTACKERKB
added 2021/11/24 1:15 a.m. | 4 views

CVE-2021-28708

PoD operations on misaligned GFNs. This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigne...

CVSS: 8.8 | AI score: 5.5 | EPSS: 0.00348
Exploits: 0 | References: 8 | Affected Software: 1

OSV
added 2020/10/22 9:15 p.m. | 2 views

ALPINE-CVE-2020-27672

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages...

CVSS: 7 | AI score: 7.2 | EPSS: 0.0026
Exploits: 0 | References: 1

OSV
added 2018/07/31 10:29 p.m. | 3 views

ALPINE-CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPT_USERNAME...

CVSS: 7 | AI score: 7.1 | EPSS: 0.00593
Exploits: 0 | References: 1