Lucene search
K

305 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.4 views

PYSEC-2026-335 ExecuTorch integer overflow vulnerability

An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006...

9.8CVSS6.6AI score0.00571EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.7 views

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:22178-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22178-1 advisory. This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuratio...

9.2CVSS6.1AI score0.04261EPSS
Exploits3References4
OSV
OSV
added 2026/06/19 4:53 p.m.2 views

SUSE-SU-2026:22178-1 Security update for nginx

This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215...

9.2CVSS6.1AI score0.04261EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.6 views

SUSE SLES15 Security Update : nginx (SUSE-SU-2026:2307-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2307-1 advisory. This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References4
OSV
OSV
added 2026/06/09 8:12 a.m.4 views

SUSE-SU-2026:2307-1 Security update for nginx

This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References3
SUSE Linux
SUSE Linux
added 2026/06/09 8:12 a.m.7 views

Security update for nginx

This update for nginx fixes the following issue CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References4
OSV
OSV
added 2026/06/01 11:47 a.m.8 views

BIT-NGINX-2026-9256 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References14
RedhatCVE
RedhatCVE
added 2026/05/28 12:37 a.m.15 views

CVE-2026-45934

A flaw was found in the Linux kernel's btrfs filesystem. This issue occurs due to non-consecutive gaps in chunk allocation, leading to overlapping chunk maps. A local attacker could exploit this by triggering specific chunk allocation scenarios, potentially causing filesystem operations to abort...

7CVSS5.8AI score0.00121EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 3:47 p.m.63 views

CVE-2026-44321 free5GC: SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...

7.5CVSS0.00364EPSS
Exploits1References4
CVE
CVE
added 2026/05/27 3:47 p.m.29 views

CVE-2026-44321

The CVE concerns free5GC SMF (v4.2.x) where the UPI route group lacked inbound OAuth middleware, allowing an unauthenticated POST to /upi/v1/upNodesLinks to trigger a validation failure that calls Fatalf, terminating the entire SMF process. Specifically, an attacker-controlled JSON payload can tr...

7.5CVSS5.8AI score0.00364EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the retryalignedread function in md/raid5, causing a soft lock. This vulnerability may lead to an...

5.8AI score0.00095EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the local overlap detection logic in netfilter’s nftsetrbtree. This logic skips the initial eleme...

5.8AI score0.00156EPSS
Exploits0References8
OSV
OSV
added 2026/05/26 9:58 a.m.7 views

CLSA-2026-1779789531 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - debian/patches/CVE-2026-9256.patch: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - CVE-2026-9256...

9.2CVSS6AI score0.04261EPSS
Exploits3References1
OSV
OSV
added 2026/05/26 9:48 a.m.9 views

CLSA-2026-1779788913 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - debian/patches/CVE-2026-9256.patch: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - CVE-2026-9256...

9.2CVSS6AI score0.04261EPSS
Exploits3References1
CloudLinux
CloudLinux
added 2026/05/26 9:21 a.m.12 views

nginx: Fix of CVE-2026-9256

CVE-2026-9256: fix heap buffer overflow with overlapping captures in ngxhttprewritemodule...

9.2CVSS6AI score0.04261EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

FreeBSD : nginx -- heap buffer overflow in ngx_http_rewrite_module (36a3131d-5600-11f1-b339-3497f65b111b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 36a3131d-5600-11f1-b339-3497f65b111b advisory. The nginx developers report: A heap memory buffer overflow might occur in a worker process when using a...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References3
OSV
OSV
added 2026/05/25 12:31 p.m.6 views

CLSA-2026-1779712300 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: heap buffer overflow in ngxhttprewritemodule with overlapping captures - debian/patches/CVE-2026-9256.patch: fix heap buffer overflow in ngxhttpscriptregexstartcode when a rewrite replacement string with no variables has overlapping captures, by moving the per-capture length...

9.2CVSS6AI score0.04261EPSS
Exploits3References1
UbuntuCve
UbuntuCve
added 2026/05/22 3:16 p.m.13 views

CVE-2026-9256

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.1AI score0.04261EPSS
Exploits3References3
OSV
OSV
added 2026/05/22 3:16 p.m.7 views

UBUNTU-CVE-2026-9256

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References6
EUVD
EUVD
added 2026/05/22 2:11 p.m.15 views

EUVD-2026-31444

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References1
Rows per page
Query Builder