Lucene search
K

11966 matches found

EUVD
EUVD
added 2026/06/24 4:30 p.m.8 views

EUVD-2026-38959

In the Linux kernel, the following vulnerability has been resolved: net: pull headers in qdiscpktlensegsinit Most ndostartxmit methods expects headers of gso packets to be already in skb-head. net/core/tso.c users are particularly at risk, because tsobuildhdr does a memcpyhdr, skb-data, hdrlen;...

5.8AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: perform a shared-unconfirmed check before segmentation. Ulrich reports a regression with nfqueue: If an application does not set the ‘FGSO’ capability flag, and a gso packet with an unconfirmed nfconn...

7.5CVSS5.7AI score0.00595EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: sctp: Linearize cloned GSO packets in sctprcv. The cloned headskb still shares these frag SKBs in the fraglist with the original headskb. Accessing these frag SKBs is not safe. syzbot reported two bugs related to the use of...

7.8CVSS6.8AI score0.00151EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in libde265

strukturag libde265 commit d9fea9d was discovered to contain a segmentation fault due to the component decodercontext::computeframedroptable...

6.2CVSS5.7AI score0.00159EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in taglib

TagLib before version 2.0 allows a segmentation violation and causes the application to crash during tag writing when a crafted WAV file is used, in which the id3 chunk is the only valid chunk...

7.1CVSS5.2AI score0.00257EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-51985

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the handling of Generic Segmentation Offload GSO packet headers. The qdisc pkt len segs init function fails to properly pull headers into the expected memory location,...

8.4CVSS5.8AI score0.00123EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.6 views

PT-2026-51651

Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...

8.7CVSS5.8AI score0.00726EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2026/06/22 6:10 a.m.6 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/19 8:47 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the Oj::Parser when operating in SAJ mode with object keys of 35 bytes or longer. An attacker can cause a segmentation fault by triggering garbage collection within a callback, leading to use of a freed memory pointer...

8.7CVSS5.9AI score0.00253EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 8:47 p.m.4 views

GHSA-M578-W5VF-RFCM Oj: Use-After-Free in Oj::Parser SAJ Long Key Callback

Summary Oj::Parser in SAJ mode does not protect cached object keys ≥ 35 bytes from garbage collection. A Ruby callback that triggers GC inside hashend can cause the key string to be reclaimed while the C parser still holds a pointer to it. The subsequent access to the freed string VALUE results i...

8.7CVSS5.8AI score0.00253EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.9 views

Oj: Use-After-Free in Oj::Parser SAJ Long Key Callback

Summary Oj::Parser in SAJ mode does not protect cached object keys ≥ 35 bytes from garbage collection. A Ruby callback that triggers GC inside hashend can cause the key string to be reclaimed while the C parser still holds a pointer to it. The subsequent access to the freed string VALUE results i...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/19 8:47 p.m.6 views

Oj: Use-After-Free in Oj::Parser array_class/hash_class GC Marking

Summary Oj::Parser in usual mode does not mark arrayclass and hashclass references during garbage collection. If GC runs after the class is assigned but before a parse, the class object is reclaimed, leaving the parser holding a dangling VALUE. The subsequent parse call dereferences the freed...

6.3CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It is an integer overflow that leads to a segmentation fault in bfddwarf2findnearestline in dwarf2.c, as demonstrated by the nm tool...

6.5CVSS6.7AI score0.02396EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Net: Properly handles tunneled traffic when using GSO fallback for IPV6CSUM. NETIFFIPV6CSUM only indicates support for packet checksum offloading without IPv6 extension headers. Packets with extension headers must rely on...

7.5CVSS5.7AI score0.00371EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.31. An invalid memory address dereference was identified in the readreloc function in reloc.c. This vulnerability causes a segmentation fault and results in the crash of the...

5.5CVSS6.2AI score0.0182EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in cjson

It has been discovered that cJSON v1.7.16 contains a segmentation violation due to the use of the cJSONInsertItemInArray function in the cJSON.c library...

7.5CVSS6.3AI score0.01508EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in TIF format

A segmentation fault flaw was discovered in libtiff, which can be triggered by passing a crafted TIF file to the TIFFReadRGBATileExt API. This flaw allows a remote attacker to cause a heap buffer overflow, resulting in a denial of service...

7.5CVSS6.9AI score0.02187EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in advancecomp

A segmentation fault flaw was detected in the Advancecomp package. This may result in reduced availability...

3.3CVSS5.8AI score0.0019EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: Fix NULL pointer in skbsegmentlist. The commit 3a1296a38d0c “net: Support GRO/GSO fraglist chaining” introduced a bug where the GRO was processed using a UDP list. The segmentation of data relies on fraglist not being modifi...

5.5CVSS6.1AI score0.00246EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Fribidi

A segmentation fault flaw was discovered in the Fribidi package, affecting the fribidiremovebidimarks function in the lib/fribidi.c file. This flaw allows an attacker to submit a specially crafted file to Fribidi, resulting in a crash and causing a denial of service...

5.5CVSS6.7AI score0.00454EPSS
Exploits1References2
Rows per page
Query Builder