Lucene search
+L

327 matches found

OSV
OSV
added 2026/05/01 5:50 p.m.9 views

JLSEC-2026-380

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

7.8CVSS7AI score0.00193EPSS
Exploits0References3
OSV
OSV
added 2026/05/01 1:56 p.m.2 views

CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...

7.1CVSS6.5AI score0.00125EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 1:56 p.m.11 views

EUVD-2026-26513

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use checkaddoverflow to prevent u16 DACL size overflow setposixaclentriesdacl and setntacldacl accumulate ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size can wrap past 65535, causin...

5.8AI score0.00117EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36337

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the ipc validate msg function within the ksmbd module. The function calculates the expected message size for response types by performing unsigned integer...

9.8CVSS5.9AI score0.93235EPSS
Exploits59References292
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36334

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ksmbd module, the functions set posix acl entries dacl and set ntacl dacl accumulate Access Control Entry ACE sizes using u16 variables. When a file contains numerous POSIX ACL...

9.8CVSS6.2AI score0.00542EPSS
Exploits2References324
Debian CVE
Debian CVE
added 2026/04/24 12:0 a.m.4 views

CVE-2026-3886

virtio-gpu: fix overflow check when allocating 2d image...

7.1AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/18 6:43 a.m.6 views

CVE-2026-41254

Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication...

4CVSS5.8AI score0.00365EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/13 1:21 p.m.3 views

CVE-2026-31417

In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that x25sock.fraglen does not overflow. The fraglen also needs to be resetted when purging fragmentqueue in x25clearqueues...

6AI score0.00449EPSS
Exploits0References9Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/10 11:26 p.m.9 views

SUSE CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

6.8CVSS5.8AI score0.0017EPSS
Exploits0References16
OSV
OSV
added 2026/04/10 11:16 a.m.4 views

DEBIAN-CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

5.5CVSS5.7AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2026/04/10 11:16 a.m.7 views

UBUNTU-CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

5.5CVSS5.8AI score0.0017EPSS
Exploits0References9
CVE
CVE
added 2026/04/10 10:35 a.m.23 views

CVE-2026-31412

The CVE-2026-31412 vulnerability exists in the Linux kernel USB gadget f_mass_storage implementation, where an unchecked left shift of data_size_from_cmnd by blkbits could overflow, truncating data size and enabling memory corruption or out-of-bounds access. The root cause is lack of overflow val...

5.5CVSS5.8AI score0.0017EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/04/10 10:35 a.m.5 views

CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

5.5CVSS5.7AI score0.0017EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-34987

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the RxRPC subsystem of the Linux kernel, specifically within the rxgk verify response function. The function incorrectly validates the auth len...

9.8CVSS6.5AI score0.00817EPSS
Exploits4References158
EUVD
EUVD
added 2026/03/25 12:30 p.m.5 views

EUVD-2026-15200

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Prevent ubuf size overflow The ubuf size calculation may overflow, resulting in an undersized allocation and possible memory corruption. Use checkaddoverflow helpers to validate the size calculation before allocati...

5.6AI score0.00127EPSS
Exploits0References4
OSV
OSV
added 2026/03/25 11:16 a.m.5 views

CLSA-2026-1774437406 Fix CVE(s): CVE-2026-30883

SECURITY UPDATE: heap over-write in PNG raw profile writer - debian/patches/CVE-2026-30883.patch: add overflow check for allocatedlength in Magickpngwriterawprofile to prevent integer overflow leading to heap over-write - CVE-2026-30883...

7.8CVSS7.3AI score0.00123EPSS
Exploits0References1
OSV
OSV
added 2026/03/20 12:31 p.m.9 views

CLSA-2026-1774009875 Fix CVE(s): CVE-2026-25210

SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210...

7.8CVSS7AI score0.00193EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 2:32 p.m.9 views

CLSA-2026-1773930717 Fix CVE(s): CVE-2026-25210

SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210...

7.8CVSS7.5AI score0.00193EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.23 views

EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-1637)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : scsi: target: Fix WRITESAME No Data Buffer crashCVE-2022-21546 iommu/arm-smmu-v3-sva: Fix mm use-after-freeCVE-2022-49426 module: f...

7.8CVSS6.8AI score0.00331EPSS
Exploits2References346
OSV
OSV
added 2026/03/02 11:32 a.m.7 views

CLSA-2026-1772451135 Fix CVE(s): CVE-2026-25897, CVE-2026-26284

SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 SECURITY UPDATE: out-of-bounds heap write on 32-bit systems -...

9.8CVSS7.4AI score0.00404EPSS
Exploits0References1
Rows per page
Query Builder