Lucene search
+L

6389 matches found

ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.4 views

PT-2026-52292

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap overflow exists in the get manuf info function. The issue occurs because the function reads a number of bytes specified by the Size field from a device I2C EEPROM into a buffer...

7CVSS6.1AI score0.00284EPSS
Exploits0References25
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.13 views

PT-2026-52351

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab-use-after-free issue exists in the Bluetooth RFCOMM implementation. The function rfcomm get sock by channel scans the rfcomm sk list under a list lock but returns the selected...

8CVSS6.1AI score0.00266EPSS
Exploits0References22
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.33 views

PT-2026-52590

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A length-confusion issue exists in the wolfSSL OCSP resp find status function. The lookup process compares serial-number bytes without verifying that the two serial numbers are of equal lengt...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References6
euvd
euvd
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38905

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix deadlock in hidpostreset You can build a USB device that includes a HID component and a storage or UAS component. The components can be reset only together. That means that hidprereset and hidpostreset are in the...

5.7AI score0.00095EPSS
Exploits0References9
nvd
nvd
added 2026/06/24 5:17 p.m.6 views

CVE-2026-52963

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

5.5CVSS0.00128EPSS
Exploits0References8
cve
cve
added 2026/06/24 4:28 p.m.13 views

CVE-2026-52964

Summary of CVE-2026-52964 : A flaw in the Linux kernel’s ALSA USB-audio path (USB MIDI 2.0 endpoint parser) fails to validate descriptor lengths for the MIDI 2.0 endpoint, allowing a malformed device to cause out-of-bounds reads on baAssoGrpTrmBlkID[] due to walking endpoint extras before verifyi...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References5Affected Software1
attackerkb
attackerkb
added 2026/06/24 4:28 p.m.7 views

CVE-2026-52963

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fixed a URB memory leak. The memory leak was fixed in a similar manner to the issue in commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fixed a URB memory leak”. In mcbausbprobe -...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: serial: caif: Fix use-after-free in caifSerial ldiscClose There is a use-after-free bug in caifSerial where handletx may access ser-tty after tty has been freed. The race condition occurs between ldiscClose and packet transmissio...

7.8CVSS5.8AI score0.0016EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi – Fixed a double-free in the probe error path. The driver currently uses spiallochost to allocate the controller, but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: can: usb8dev: usb8devreadbulkcallback: fixed the URB memory leak. The memory leak was fixed in a similar manner to that in commit 7352e1d5932a “can: gsusb: gsusbreceivebulkcallback: fixed the URB memory leak”. In usb8devopen -...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: Fixed a memory leak that occurred due to a failure in usbsubmiturb. In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, resulting in a memory leak. The...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer in tegraqspicombinedseqxfer The currxfer field is read by the IRQ handler without holding a lock. This allows the IRQ handler to check whether a transfer is in progress. When clearing the...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: usb: catc: enable basic endpoint checking The catcprobe function fills three URBs with hardcoded endpoint pipes without verifying the endpoint descriptors. This occurs as follows: - usbsndbulkpipeusbdev, 1 and...

5.5CVSS5.7AI score0.0016EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fixed null pointer access to epfile after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear function called in ffsdatareset sets ffs-epfiles to NULL...

5.7AI score0.00175EPSS
Exploits0References4
astralinux
astralinux
added 2026/06/24 3:11 p.m.11 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, there was a race in the serial channel IRP thread tracking that allowed for a heap use-after-free condition when one thread removed an entry from serial-IrpThreads while another read it. This vulnerability h...

8.1CVSS7AI score0.00286EPSS
Exploits1References3
osv
osv
added 2026/06/23 1:50 p.m.5 views

SUSE-SU-2026:22349-1 Security update for sg3_utils

This update for sg3utils fixes the following issues: - sginq: --export output conformance for SCSI name string and ATA fields bsc1267823 - rescan-scsi-bus.sh: quote $idserial in findmultipath call bsc1268201...

5.8AI score
Exploits0References3
osv
osv
added 2026/06/23 1:50 p.m.5 views

OPENSUSE-SU-2026:21040-1 Security update for sg3_utils

This update for sg3utils fixes the following issues: - sginq: --export output conformance for SCSI name string and ATA fields bsc1267823 - rescan-scsi-bus.sh: quote $idserial in findmultipath call bsc1268201...

5.8AI score
Exploits0References2
metasploit
metasploit
added 2026/06/19 7:3 p.m.229 views

Quectel Cellular Modem Pivot (Serial AT)

Opens a serial connection to a Quectel cellular modem and registers it as a 'modem' session capable of network pivoting. The Quectel modems have a limited number of sockets available, configurable using MODEMSOCKETS. Once the session is established, it can be routed through using the route comman...

6AI score
Exploits0
redhat
redhat
added 2026/06/19 5:14 p.m.10 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
Rows per page
Query Builder