Lucene search
K

26 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-29009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfsreadlinkreply net/nfs- common.c when CONFIGCMDNFS is enabled, allowing a malicious or...

8.8CVSS6.2AI score0.00438EPSS
Exploits0References2
NVD
NVD
added last week9 views

CVE-2026-29009

U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfsreadlinkreply net/nfs-common.c when CONFIGCMDNFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfspathbuff buffer by returning multiple relative symlink targets that are appended witho...

8.8CVSS0.00438EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added last week7 views

CVE-2026-29009 U-Boot 2026.04-rc3 Buffer Overflow in nfs_readlink_reply() via NFS READLINK

U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfsreadlinkreply net/nfs-common.c when CONFIGCMDNFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfspathbuff buffer by returning multiple relative symlink targets that are appended witho...

8.8CVSS6.3AI score0.00438EPSS
Exploits0References4
Cvelist
Cvelist
added last week33 views

CVE-2026-29009 U-Boot 2026.04-rc3 Buffer Overflow in nfs_readlink_reply() via NFS READLINK

U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfsreadlinkreply net/nfs-common.c when CONFIGCMDNFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfspathbuff buffer by returning multiple relative symlink targets that are appended witho...

8.8CVSS0.00438EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/28 9:9 p.m.13 views

CVE-2026-46183

A flaw was found in the Linux kernel's DAMON Data Access MONitor sysfs system file system component. This vulnerability, a use-after-free, occurs because the damonsysfsquotgoal-path buffer can be deallocated during a write operation without proper locking. A local user could exploit this race...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.29 views

PT-2026-44306

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A use-after-free issue exists in the Linux kernel within the DAMON sysfs schemes. The damon sysfs quot goal-path variable ca...

9.8CVSS6AI score0.03663EPSS
Exploits17References278
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of unexpectedly changing the path in ksmbdvfskernpathlocked has been fixed. When ksmbdvfskernpathlocked encounters an error, and it isn’t the last entry, it will exit without restoring the changed path buffer...

5.5CVSS6.1AI score0.00197EPSS
Exploits0References2
OSV
OSV
added 2026/04/24 2:42 p.m.2 views

CVE-2026-31613 smb: client: fix OOB reads parsing symlink error response

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

8.1CVSS6.3AI score0.00378EPSS
Exploits0References10
EUVD
EUVD
added 2026/04/24 2:42 p.m.4 views

EUVD-2026-25506

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

5.4AI score0.00378EPSS
Exploits0References3
OSV
OSV
added 2026/03/18 11:26 p.m.20 views

CVE-2026-32743 PX4 Autopilot: Stack-based Buffer Overflow via Oversized Path Input in MAVLink Log Request Handling

PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...

6.5CVSS5.9AI score0.00365EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-2609

Malicious code in bioql PyPI...

7.3AI score0.00197EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-26818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.7 views

In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Impact: * This vulnerability affects APIs relying on `ReadFileUtf8` on Node.js release lines: v20 and v22.

...

3.7CVSS6.7AI score0.0048EPSS
Exploits0
OSV
OSV
added 2025/05/21 6:0 a.m.17 views

BIT-NODE-2025-23165

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...

3.7CVSS4.1AI score0.0048EPSS
Exploits0References2
OSV
OSV
added 2025/05/21 6:0 a.m.10 views

BIT-NODE-MIN-2025-23165

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...

3.7CVSS4AI score0.0048EPSS
Exploits0References2
NVD
NVD
added 2025/05/19 2:15 a.m.18 views

CVE-2025-23165

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...

3.7CVSS0.0048EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/01/22 3:48 a.m.4 views

SUSE CVE-2025-21660

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbdvfskernpathlocked When ksmbdvfskernpathlocked met an error and it is not the last entry, it will exit without restoring changed path buffer. But later this buffer may be used as the...

5.5CVSS7.7AI score0.00197EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/21 12:18 p.m.24 views

CVE-2025-21660 ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbdvfskernpathlocked When ksmbdvfskernpathlocked met an error and it is not the last entry, it will exit without restoring changed path buffer. But later this buffer may be used as the...

0.00197EPSS
Exploits0References4
OSV
OSV
added 2025/01/21 12:18 p.m.13 views

CVE-2025-21660 ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix unexpectedly changed path in ksmbdvfskernpathlocked When ksmbdvfskernpathlocked met an error and it is not the last entry, it will exit without restoring changed path buffer. But later this buffer may be used as the...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the ksmbdvfskernpathlocked function in the ksmbd module that does not recover the path buffer on error. Thi...

5.5CVSS6.7AI score0.00197EPSS
Exploits0References6
Rows per page
Query Builder