71 matches found
CVE-2026-52959
A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out-of-bounds read issue There is an out-of-bounds read access to gbePhyInitfixfixidx.addr during each iteration after fixidx reaches ARRAYSIZEgbePhyInitfix. Ensure that gbePhyInitaddr is used when...
CVE-2026-46325
Summary (details from sources): CVE-2026-46325 affects the Linux kernel RDMA/rxe code, where iova-to-va conversion fails when MR page_size differs from system PAGE_SIZE. The bug arises because rxe_set_page() uses mr->page_size steps while the page_list holds PAGE_SIZE pages, and ib_sg_to_page(...
EUVD-2026-25483
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVMMEMORYENCRYPTREGREGION Drop the WARN in sevpinmemory on npages overflowing an int, as the WARN is comically trivially to trigger from userspace, e.g. by doing: struct kvmencregion range =...
CVE-2026-31590
The CVE-2026-31590 issue affects the Linux kernel KVM SEV path: sev_pin_memory() would WARN when npages overflowed an int due to KVM_MEMORY_ENCRYPT_REG_REGION with a large size, enabling a local user to trigger a harmless warning via userspace input (e.g., addr=0, size=-1ul). The root cause is th...
CVE-2026-5447
A flaw was found in wolfSSL. A heap buffer overflow, a type of memory corruption vulnerability, occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension. A remote attacker could exploit this flaw to cause a low integrity impact...
EUVD-2026-17229
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in resizevbarentry in libfreerdp/codec/clear.c, vBarEntry-size is updated to vBarEntry-count before the winpralignedrecalloc call. If realloc fails, size is inflated while pixels still points to the old,...
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
CVE-2026-33055
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...
HCL AION Denial of Service Vulnerability
HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a denial of service vulnerability that stems from improper handling of upload size limits, which can be exploited by an attacker to cause excessive resource consumption or denial of service...
CVE-2025-52636 HCL AION is affected by a improper handling of uploads files Size
HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially lead to service degradation or denial-of-service conditions under certain scenarios...
CVE-2026-23235
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...
kernel: net: use dst_dev_rcu() in sk_setup_caps()
In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of reqsize, which could lead to memory corruption and crashes...
CVE-2025-14310
A flaw was found in rethinkdb. This vulnerability allows arbitrary code execution or denial of service via improper handling of input size, leading to a buffer copy without checking the size of the input classic buffer overflow...
UBUNTU-CVE-2025-40182
In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...
Astra Linux – Vulnerability in libnbd
A flaw was discovered in libnbd. A server may respond with a block size larger than 2^63 the NBD specification states that the size is a 64-bit unsigned value. This issue could cause an application to crash or lead to other unintended behaviors for NBD clients that do not properly handle the retu...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2022-48828)
NFSD: Vulnerability caused by an underflow in iasize due to a mismatch between signed and unsigned 64-bit file size values, which can cause issues when handling large file sizes from NFS clients. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
EUVD-2013-3158
Malware in sbrugna...