Lucene search
K

205 matches found

OSV
OSV
added 2025/10/28 12:15 p.m.4 views

UBUNTU-CVE-2025-40065

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Write hgatp register with valid mode bits According to the RISC-V Privileged Architecture Spec, when MODE=Bare is selected,software must write zero to the remaining fields of hgatp. We have detected the valid mode...

5.7AI score0.00168EPSS
Exploits0References10
Hacker One
Hacker One
added 2025/10/23 10:29 a.m.11 views

curl: libcurl MQTT PUBLISH length overflow (heap overflow)

Summary: Heap-based buffer overflow in libcurl’s MQTT PUBLISH assembly lib/mqtt.c::mqttpublish due to unchecked sizet arithmetic when computing the MQTT “Remaining Length”. If payloadlen + 2 + topiclen wraps sizet, libcurl allocates a too-small buffer and then memcpy’s payloadlen bytes into it,...

7.5AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/10/23 12:10 a.m.3 views

SUSE CVE-2022-50582

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is not integer timeremaining underflows and does not exit the loop as expected. As delay could be derived from DT and pollenabledtime is...

3.3CVSS6.4AI score0.00195EPSS
Exploits0References7
OSV
OSV
added 2025/10/22 2:15 p.m.2 views

DEBIAN-CVE-2022-50582

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is not integer timeremaining underflows and does not exit the loop as expected. As delay could be derived from DT and pollenabledtime is...

5.3AI score0.00195EPSS
Exploits0References1
OSV
OSV
added 2025/10/22 2:15 p.m.6 views

UBUNTU-CVE-2022-50582

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is not integer timeremaining underflows and does not exit the loop as expected. As delay could be derived from DT and pollenabledtime is...

5.8AI score0.00195EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/10/22 1:23 p.m.9 views

CVE-2022-50582 regulator: core: Prevent integer underflow

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is not integer timeremaining underflows and does not exit the loop as expected. As delay could be derived from DT and pollenabledtime is...

0.00195EPSS
Exploits0References5
CVE
CVE
added 2025/10/22 1:23 p.m.14 views

CVE-2022-50582

The CVE refers to the Linux kernel regulator core vulnerability (CVE-2022-50582) where a non-integer ratio of delay to poll_enabled_time can cause time_remaining to underflow and the loop not exit. The documented fix is to use a signed iterator so the loop exits when remaining time becomes negati...

6.1AI score0.00195EPSS
Exploits0References5
OSV
OSV
added 2025/10/22 1:23 p.m.3 views

CVE-2022-50582 regulator: core: Prevent integer underflow

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is not integer timeremaining underflows and does not exit the loop as expected. As delay could be derived from DT and pollenabledtime is...

6.4AI score0.00195EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/14 3:47 a.m.4 views

Malicious code in company-access-pending (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ddfec3b870b7eafccef0a535e03adb6bf0728eaa79ca63e248fa07593eb20361 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/10/07 11:47 p.m.5 views

SUSE CVE-2023-53641

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: fix memory leak of remainskbs hifdev-remainskb is allocated and used exclusively in ath9khifusbrxstream. It is implied that an allocated remainskb is processed and subsequently freed in error paths only durin...

4.7CVSS6.5AI score0.00146EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/10/06 11:27 p.m.5 views

SUSE CVE-2025-39942

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verify remainingdatalength respects maxfragmentedrecvsize This is inspired by the check for dataoffset + datalength...

5.5CVSS6.6AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/05 2:52 a.m.4 views

SUSE CVE-2025-39933

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

5.5CVSS6.6AI score0.0012EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2025/10/05 1:3 a.m.5 views

smb: client: let recv_done verify data_offset, data_length and remaining_data_length

...

5.5CVSS7AI score0.0012EPSS
Exploits0
EUVD
EUVD
added 2025/10/04 9:30 a.m.5 views

EUVD-2025-32393

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verify remainingdatalength respects maxfragmentedrecvsize This is inspired by the check for dataoffset + datalength...

6AI score0.00136EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/04 9:30 a.m.5 views

EUVD-2025-32400

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

6AI score0.0012EPSS
Exploits0References3
NVD
NVD
added 2025/10/04 8:15 a.m.8 views

CVE-2025-39942

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verify remainingdatalength respects maxfragmentedrecvsize This is inspired by the check for dataoffset + datalength...

5.5CVSS0.00136EPSS
Exploits0References5
NVD
NVD
added 2025/10/04 8:15 a.m.5 views

CVE-2025-39933

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

5.5CVSS0.0012EPSS
Exploits0References2
OSV
OSV
added 2025/10/04 8:15 a.m.6 views

UBUNTU-CVE-2025-39942

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verify remainingdatalength respects maxfragmentedrecvsize This is inspired by the check for dataoffset + datalength...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References18
OSV
OSV
added 2025/10/04 8:15 a.m.5 views

UBUNTU-CVE-2025-39933

In the Linux kernel, the following vulnerability has been resolved: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength This is inspired by the related server fixes...

5.5CVSS6.6AI score0.0012EPSS
Exploits0References5
CVE
CVE
added 2025/10/04 7:31 a.m.24 views

CVE-2025-39942

CVE-2025-39942 is a Linux kernel vulnerability affecting the ksmbd smbdirect component. The issue, described as: “verify remaining_data_length respects max_fragmented_recv_size,” is a refinement inspired by the existing check for data_offset + data_length. The connected sources identify this CVE ...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder