Lucene search
K

71 matches found

RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-52959

A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...

7.8CVSS6AI score0.00093EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out-of-bounds read issue There is an out-of-bounds read access to gbePhyInitfixfixidx.addr during each iteration after fixidx reaches ARRAYSIZEgbePhyInitfix. Ensure that gbePhyInitaddr is used when...

5.5CVSS5.7AI score0.00211EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 12:25 p.m.52 views

CVE-2026-46325

Summary (details from sources): CVE-2026-46325 affects the Linux kernel RDMA/rxe code, where iova-to-va conversion fails when MR page_size differs from system PAGE_SIZE. The bug arises because rxe_set_page() uses mr->page_size steps while the page_list holds PAGE_SIZE pages, and ib_sg_to_page(...

9.8CVSS5.4AI score0.00347EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/24 2:42 p.m.5 views

EUVD-2026-25483

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...

5.4AI score0.00125EPSS
Exploits0References4
CVE
CVE
added 2026/04/24 2:42 p.m.10 views

CVE-2026-31590

The CVE-2026-31590 issue affects the Linux kernel KVM SEV path: sev_pin_memory() would WARN when npages overflowed an int due to KVM_MEMORY_ENCRYPT_REG_REGION with a large size, enabling a local user to trigger a harmless warning via userspace input (e.g., addr=0, size=-1ul). The root cause is th...

5.5CVSS5.4AI score0.00125EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/09 10:13 p.m.8 views

CVE-2026-5447

A flaw was found in wolfSSL. A heap buffer overflow, a type of memory corruption vulnerability, occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension. A remote attacker could exploit this flaw to cause a low integrity impact...

7.5CVSS6AI score0.00222EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/30 9:42 p.m.4 views

EUVD-2026-17229

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in resizevbarentry in libfreerdp/codec/clear.c, vBarEntry-size is updated to vBarEntry-count before the winpralignedrecalloc call. If realloc fails, size is inflated while pixels still points to the old,...

7.5CVSS6.1AI score0.00398EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/03/20 7:6 a.m.5 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS5.3AI score0.00397EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.8 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7AI score0.00397EPSS
Exploits1References4
CNVD
CNVD
added 2026/03/19 12:0 a.m.4 views

HCL AION Denial of Service Vulnerability

HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a denial of service vulnerability that stems from improper handling of upload size limits, which can be exploited by an attacker to cause excessive resource consumption or denial of service...

7.5CVSS5.7AI score0.00144EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/16 2:21 p.m.23 views

CVE-2025-52636 HCL AION is affected by a improper handling of uploads files Size

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially lead to service degradation or denial-of-service conditions under certain scenarios...

1.8CVSS0.00144EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/04 3:16 p.m.3 views

CVE-2026-23235

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...

7.1CVSS5.7AI score0.00156EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/02/09 4:51 a.m.4 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.7AI score0.0017EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/28 3:32 p.m.11 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS5.9AI score0.00622EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of reqsize, which could lead to memory corruption and crashes...

6.2AI score0.00155EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/09 5:3 p.m.2 views

CVE-2025-14310

A flaw was found in rethinkdb. This vulnerability allows arbitrary code execution or denial of service via improper handling of input size, leading to a buffer copy without checking the size of the input classic buffer overflow...

9.3CVSS7.6AI score0.00361EPSS
Exploits0References2
OSV
OSV
added 2025/11/12 10:15 p.m.7 views

UBUNTU-CVE-2025-40182

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

5.7AI score0.00165EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.3 views

Astra Linux – Vulnerability in libnbd

A flaw was discovered in libnbd. A server may respond with a block size larger than 2^63 the NBD specification states that the size is a 64-bit unsigned value. This issue could cause an application to crash or lead to other unintended behaviors for NBD clients that do not properly handle the retu...

6.5CVSS6.4AI score0.00746EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.4 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2022-48828)

NFSD: Vulnerability caused by an underflow in iasize due to a mismatch between signed and unsigned 64-bit file size values, which can cause issues when handling large file sizes from NFS clients. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

5.5CVSS6.7AI score0.00251EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-3158

Malware in sbrugna...

6.4CVSS6.4AI score0.02378EPSS
Exploits0References3
Rows per page
Query Builder