Lucene search
K

402 matches found

SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.8AI score0.00224EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2026/05/10 12:41 p.m.18 views

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process memory. The out-of-bounds read flaw, which likely impacts over 300,000 servers globally, is tracked as...

9.1CVSS6.9AI score0.01001EPSS
Exploits3
CVE
CVE
added 2026/05/08 3:6 p.m.12 views

CVE-2026-41585

ZEBRA’s JSON-RPC HTTP middleware is vulnerable to Denial of Service via interrupted requests. Affected: zebrad 2.2.0–<4.3.1 and zebra-rpc 1.0.0-beta.45–

6.9CVSS5.8AI score0.00257EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the adxl380 interrupt handler’s failure to round down when reading FIFO entries. This could lead to...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.7 views

SUSE CVE-2026-43006

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-43153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: remove xfsattrleafhasname The calling convention of xfsattrleafhasname is problematic, because it returns a NULL buffer when xfsattr3leafread fails, a vali...

7.8CVSS6.5AI score0.00138EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.10 views

SUSE SLES16 Security Update : libssh (SUSE-SU-2026:21428-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21428-1 advisory. - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible...

8.2CVSS5.8AI score0.00582EPSS
Exploits0References22
Github Security Blog
Github Security Blog
added 2026/05/04 7:38 p.m.10 views

Incus has Nil-Pointer Dereference via S3 Bucket Import

Summary Missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file. Details It was found that TransferManager.UploadAllFiles iterates over tar entries but only checks for io.EOF from tr.Next. When tr.Next...

6.5CVSS5.7AI score0.00394EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/05/01 3:16 p.m.7 views

CVE-2026-43005

In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fix array access with zero-length block read i2csmbusreadblockdata can return 0, indicating a zero-length read. When this happens, tps53679identifychip accesses bufret - 1 which is buf-1, reading one byte before t...

7.1CVSS0.00124EPSS
Exploits0References3
CVE
CVE
added 2026/05/01 2:15 p.m.27 views

CVE-2026-43025

CVE-2026-43025 affects the Linux kernel netfilter component. A local attacker can trigger a slab-out-of-bounds read when creating new expectations by supplying a non-master conntrack helper, potentially enabling information disclosure from kernel memory. The issue is described across multiple sou...

7.3CVSS5.8AI score0.00126EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.8 views

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

5.5CVSS5.8AI score0.00098EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/28 9:21 a.m.35 views

CVE-2026-41607 Apache Thrift: C++ JSON OOB read

Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

0.00967EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 6:38 p.m.34 views

CVE-2026-41415 PJSIP: SIP Multipart CID URI Length Underflow

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This...

8.8CVSS0.00308EPSS
Exploits0References2
OSV
OSV
added 2026/04/23 6:35 p.m.11 views

CLSA-2026-1776873238 libarchive: Fix of CVE-2026-4424

CVE-2026-4424: fix heap out-of-bounds read in RAR reader due to LZSS window size mismatch after PPMd block...

7.5CVSS7.1AI score0.00882EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-31514

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mount, IO requests are handl...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References3
OSV
OSV
added 2026/04/21 7:5 p.m.8 views

GHSA-JWCH-W7WH-GQJM free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation

Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions wit...

6.9CVSS6AI score0.09955EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/04/19 12:4 a.m.12 views

libarchive security update

An update is available for libarchive. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libarchive programming library can create and read several different...

9.8CVSS6.2AI score0.01073EPSS
Exploits0
OSV
OSV
added 2026/04/09 3:16 p.m.4 views

DEBIAN-CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

7.1CVSS5.6AI score0.00136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-30575

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in its netfilter component related to conntrack and missing netlink policy validations. Specifically, the nlattr to sctp function improperly handles...

7.8CVSS5.8AI score0.00169EPSS
Exploits0References490
CVE
CVE
added 2026/04/01 11:15 p.m.22 views

CVE-2026-5315

CVE-2026-5315 affects Nothings stb up to 1.26, specifically the stb_truetype.h function stbtt__buf_get8. Root cause is an out-of-bounds read caused by input manipulation, enabling remote execution as described in multiple sources. Public exploit information exists, and vendor contact occurred wit...

8.8CVSS5.5AI score0.00506EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder