Lucene search
K

905 matches found

Fedora
Fedora
added 5 days ago8 views

[SECURITY] Fedora 44 Update: attr-2.6.0-1.fc44

A set of tools for manipulating extended attributes on filesystem objects, in particular getfattr1 and setfattr1. An attr1 command is also provided which is largely compatible with the SGI IRIX tool of the same name...

8.4CVSS6.1AI score0.00136EPSS
Exploits0
NVD
NVD
added 2026/07/06 1:16 p.m.8 views

CVE-2026-13705

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

7.1CVSS0.00136EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/06 12:3 p.m.38 views

CVE-2026-13705 Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

0.00136EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 12:3 p.m.5 views

EUVD-2026-41872

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

7.1CVSS6AI score0.00136EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 12:3 p.m.1 views

CVE-2026-13705 Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in readrgb16rle. readrgb16rle guards each literal run with if count dataleft, but count is a pixel count while every 16-bit sample consumes two bytes. The copy...

7.1CVSS6AI score0.00136EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.13 views

PT-2026-55931

Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read rgb 16 rle. read rgb 16 rle guards each literal run with if count data left, but count is a pixel count while every 16-bit sample consumes two bytes. T...

7.1CVSS6AI score0.00136EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/24 12:0 a.m.2 views

CVE-2026-49269

Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...

8.6CVSS5.8AI score0.00303EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/06/16 9:2 p.m.9 views

USN-8438-1: OpenImageIO vulnerabilities

It was discovered that OpenImageIO incorrectly performed bounds checking when processing SGI files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-43903 It was discovered that OpenImageIO incorrectly handled run-length encoding when...

8.8CVSS6.1AI score0.00371EPSS
Exploits5
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.11 views

On-Chip Quantum Randomness Amplification

Randomness amplification, the task of extracting uniform private bits from biased seeds that may be partly known by a malicious third party, is of central importance in cryptography. The highest security in this task is provided by a class of quantum protocols known as device-independent, which...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-45854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: inside-secure/eip93 - unregister only available algorithm EIP93 has an options register. This register indicates which crypto algorithms are implemented...

5.5CVSS6.1AI score0.00153EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.13 views

SUSE CVE-2026-45854

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - unregister only available algorithm EIP93 has an options register. This register indicates which crypto algorithms are implemented in silicon. Supported algorithms are registered on this basis...

5.8AI score0.00153EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32320

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - unregister only available algorithm EIP93 has an options register. This register indicates which crypto algorithms are implemented in silicon. Supported algorithms are registered on this basis...

5.8AI score0.00153EPSS
Exploits0References4
CVE
CVE
added 2026/05/27 12:15 p.m.19 views

CVE-2026-45854

The CVE-2026-45854 issue affects the Linux kernel crypto stack, specifically the inside-secure/eip93 driver. The root cause is that EIP93’s options register is used to decide which algorithms are registered; currently, all algorithms are unregistered regardless of hardware support. This can cause...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43721

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the inside-secure/eip93 crypto component where the system attempts to unregister all crypto algorithms regardless of whether they are implemented in the hardware...

5.8AI score0.00153EPSS
Exploits0References12
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

Silicon Simplicity SDK 安全漏洞

The Silicon Simplicity SDK is an embedded software development platform provided by Silicon Corporation. It is used to build IoT products based on our 2-series and upcoming 3-series wireless and MCU devices. The Silicon Simplicity SDK has a security vulnerability. Attackers can compromise the...

8.8CVSS5.8AI score0.00202EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in pillow

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files, due to improper handling of offset and length tables...

5.8CVSS6.2AI score0.01573EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Silicon Simplicity SDK 安全特征问题漏洞

The Silicon Simplicity SDK is an embedded software development platform provided by Silicon Corporation in the United States. It is used to build IoT products based on our 2-series and upcoming 3-series wireless and MCU devices. The Silicon Simplicity SDK has a security feature vulnerability, whi...

4.1CVSS5.8AI score0.00146EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/14 7:10 p.m.11 views

CVE-2026-43903

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIODASSERT for bounds checking in the RLE decode loop. In release builds, OIIODASSERT compiles to voidsizeofx...

8.4CVSS6AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 7:10 p.m.11 views

EUVD-2026-30387

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, sgiinput.cpp:265,274 use OIIODASSERT for bounds checking in the RLE decode loop. In release builds, OIIODASSERT compiles to voidsizeofx...

8.4CVSS6AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

Silicon Labs RS9116 SDK 安全漏洞

Silicon Labs RS9116 SDK is an embedded development toolkit developed by Silicon Labs Corporation for wireless connectivity modules. The Silicon Labs RS9116 SDK has a security vulnerability, which stems from the time limit of HRNG when power saving mode is enabled, resulting in predictable values...

7.4CVSS5.8AI score0.00159EPSS
Exploits0References1
Rows per page
Query Builder