469 matches found

Tenable Nessus
added 4 days ago, 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thunderbolt: Clamp XDomain response data copy to allocation size. tb_xdp_properties_request() derives the per-packet copy length from the response header without...

7 CVSS | 5.8 AI score | 0.0014 EPSS
Exploits: 0 | References: 3
Microsoft CVE
added 5 days ago, 8 views

libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c

...

9.2 CVSS | 5.8 AI score | 0.00732 EPSS
Exploits: 10
EUVD
added 2026/06/24 6:32 p.m., 4 views

EUVD-2026-38862

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix MSG_ZEROCOPY pinned-pages accounting. virtio_transport_init_zcopy_skb() uses iter->count as the size argument for msg_zerocopy_realloc(), which in turn passes it to mm_account_pinned_pages() for RLIMIT_MEMLOCK accounting. However,...

5.7 AI score | 0.00173 EPSS
Exploits: 0 | References: 4
Cvelist
added 2026/06/24 4:30 p.m., 27 views

CVE-2026-53091 net: pull headers in qdisc_pkt_len_segs_init()

In the Linux kernel, the following vulnerability has been resolved: net: pull headers in qdisc_pkt_len_segs_init(). Most ndo_start_xmit() methods expect headers of gso packets to be already in skb->head. net/core/tso.c users are particularly at risk, because tso_build_hdr() does a memcpy(hdr, skb->data, hdr_len);...

8.4 CVSS | 0.00123 EPSS
Exploits: 0 | References: 2
CVE
added 2026/06/24 4:30 p.m., 14 views

CVE-2026-53091

The CVE-2026-53091 issue concerns the Linux kernel’s handling of GSO packet headers during qdisc_pkt_len_segs_init(). The root cause is that many ndo_start_xmit() paths assume headers are already in skb->head, while tso_build_hdr() may copy from skb->data, and qdisc_pkt_len_segs_init() diss...

8.4 CVSS | 5.8 AI score | 0.00123 EPSS
Exploits: 0 | References: 5
CVE
added 2026/06/24 4:29 p.m., 7 views

CVE-2026-52994

CVE-2026-52994 affects the Linux kernel virtio transport for vsock zcopy: virtio_transport_init_zcopy_skb() previously used iter->count as the size for msg_zerocopy_realloc(), which then calls mm_account_pinned_pages() for RLIMIT_MEMLOCK. Because iter->count is consumed by virtio_transport_...

5.7 AI score | 0.00173 EPSS
Exploits: 0 | References: 3
Positive Technologies
added 2026/06/24 12:0 a.m., 15 views

PT-2026-51985

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the handling of Generic Segmentation Offload (GSO) packet headers. The qdisc_pkt_len_segs_init() function fails to properly pull headers into the expected memory location,...

8.4 CVSS | 5.8 AI score | 0.00123 EPSS
Exploits: 0 | References: 7
NVD
added 2026/06/19 8:16 p.m., 13 views

CVE-2026-48773

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption vulnerability in the MySQL and PostgreSQL protocol first-read paths. A remote unauthenticated client can declare an oversized first packet length, and...

9.8 CVSS | 0.00358 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in vlc

Videolan VLC prior to version 3.0.20 contains an integer underflow issue that can lead to incorrect packet lengths being displayed...

7.5 CVSS | 7.1 AI score | 0.00907 EPSS
Exploits: 1 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Avoid reading uninitialized memory in ath9k_htc_rx_msg(). syzbot reports that the uninitialized value is accessed at ath9k_htc_rx_msg(). For ioctl(USB_RAW_IOCTL_EP_WRITE), the function ath9k_hif_usb_rx_stream() may call ath9k_htc_rx_msg() with...

5.5 AI score | 0.00181 EPSS
Exploits: 0 | References: 1
AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the ice module, the issue of using an untrusted value of pkt_len in the ice_vc_fdir_parse_raw() function has been fixed. This issue was addressed by checking that the value of pkt_len does not exceed the VIRTCHNL_MAX_SIZE_RAW_PACKET value...

5.5 CVSS | 5.3 AI score | 0.00154 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not redirect packets with invalid pkt_len. Syzbot identified an issue [1]: the fq_codel_drop() function attempts to drop a flow without any SKBs, that is, when flow->head is null. The root cause, as described in [2], is that the...

7.8 CVSS | 5.9 AI score | 0.00216 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: Check the packet for fixup for true limits. If a device sends a packet that lies between 0 and sizeof(u64), the value passed to skb_trim() as the packet length will wrap around, resulting in a very large value. The driver...

5.5 CVSS | 5.4 AI score | 0.00276 EPSS
Exploits: 0 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 2 views

Astra Linux – Vulnerability in libslirp

In slirp.c within libslirp up to version 4.3.1, there is an issue with buffer over-reading. This occurs because the code attempts to read a certain amount of header data, even if that amount exceeds the total packet length...

4.3 CVSS | 6.9 AI score | 0.0183 EPSS
Exploits: 1 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 2 views

Astra Linux – Vulnerability in libslirp

In ncsi.c within libslirp up to 4.3.1, there is an issue of buffer over-reading. This occurs because the program attempts to read a certain amount of header data, even when that amount exceeds the total packet length...

4.3 CVSS | 6.7 AI score | 0.01443 EPSS
Exploits: 0 | References: 2
SUSE CVE
added 2026/06/19 1:49 a.m., 11 views

SUSE CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve...

8.1 CVSS | 6.2 AI score | 0.00732 EPSS
Exploits: 10 | References: 3
OSV
added 2026/06/17 8:17 p.m., 4 views

ALPINE-CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve...

8.3 CVSS | 6.2 AI score | 0.00732 EPSS
Exploits: 10 | References: 1
NVD
added 2026/06/17 8:17 p.m., 9 views

CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve...

9.2 CVSS | 0.00732 EPSS
Exploits: 10 | References: 4
Cvelist
added 2026/06/17 7:3 p.m., 24 views

CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c

libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve...

9.2 CVSS | 0.00732 EPSS
Exploits: 10 | References: 3
Debian CVE
added 2026/06/17 7:3 p.m., 43 views

CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df, contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve...

9.2 CVSS | 5.9 AI score | 0.00732 EPSS
Exploits: 10