Lucene search
+L

196 matches found

osv
osv
added 2026/07/07 4:3 p.m.6 views

PYSEC-2026-1856 PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

Summary A vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to arbitrary code execution. Vulnerability Details The weightsonly=True unpickler...

8.8CVSS7.4AI score0.00695EPSS
Exploits1References8
amazon
amazon
added 2026/07/07 12:0 a.m.6 views

Important: rclone

Issue Overview: The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size. CVE-2026-46601 The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause...

7.5CVSS5.9AI score0.00346EPSS
Exploits0
osv
osv
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2026-46601

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/25 7:47 p.m.25 views

CVE-2026-46601 Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

0.00339EPSS
Exploits0References3
cve
cve
added 2026/06/25 7:47 p.m.21 views

CVE-2026-46601

The CVE refers to a panic in the golang.org/x/image webp decoder when processing a VP8 chunk whose alpha channel size does not match the canvas size. Affected component: the WebP decoder in x/image/webp. Root cause: mismatch between VP8 chunk dimensions and the canvas size triggers a panic (crash...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3
nvd
nvd
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS0.00153EPSS
Exploits0References7
osv
osv
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53143

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 The v11 MQD manager incorrectly assigned the CP-compute variants of checkpointmqd/restoremqd for KFDMQDTYPESDMA queues. These functions use sizeofstruct...

7.8CVSS6.1AI score0.00142EPSS
Exploits0References8
cve
cve
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53203

CVE-2026-53203 affects the Linux kernel’s accel/ivpu component. A buffer overflow can occur when the firmware returns a metric-stream info size larger than the allocated buffer during get_info_ioctl; if this happens, the operation could copy beyond the buffer. Remediation implemented in the publi...

7.1CVSS6AI score0.00153EPSS
Exploits0References7Affected Software1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.10 views

PT-2026-52299

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where the get info ioctl function fails to validate the info size returned from the metric stream info query against the allocated buffer size...

7.1CVSS6.2AI score0.00153EPSS
Exploits0References16
nessus
nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - copy IV using skcipher ivsize AFALG rfc3686-ctr-aes-ccp requests pass an 8-byte IV to the driver. ccpaescomplete restores AESBLOCKSIZE bytes into...

7.8CVSS6.2AI score0.00137EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ethtool: Avoid overflowing the user-space buffer during stats queries The ethtool -S command operates through three ioctl calls: - ETHTOOLGSSETINFO for the size of the statistics data; - ETHTOOLGSTRINGS for the names of the...

6.4AI score0.00191EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel 6.0.8, there is a use-after-free in the rununpack function in fs/ntfs3/run.c, which is related to a difference between the NTFS sector size and the media sector size...

7.8CVSS6.6AI score0.00386EPSS
Exploits1References2
osv
osv
added 2026/06/18 10:46 p.m.12 views

GO-2026-5061 Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References2
nessus
nessus
added 2026/06/18 12:0 a.m.13 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23238)

"In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by setti...

5.5CVSS5.7AI score0.00189EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/09 4:38 p.m.12 views

CVE-2026-46325

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe component. This vulnerability arises from an incorrect conversion of I/O Virtual Addresses iova to Virtual Addresses va when Memory Regions MRs have page sizes that differ from the...

9.8CVSS5.6AI score0.00347EPSS
Exploits0References4
osv
osv
added 2026/06/09 2:16 p.m.8 views

UBUNTU-CVE-2026-46325

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

9.8CVSS5.3AI score0.00347EPSS
Exploits0References9
cvelist
cvelist
added 2026/06/09 12:25 p.m.33 views

CVE-2026-46325 RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

9.8CVSS0.00347EPSS
Exploits0References3
euvd
euvd
added 2026/06/09 12:25 p.m.13 views

EUVD-2026-35426

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different from the system PAGESIZE. The core issue is that rxesetpage is called...

5.4AI score0.00347EPSS
Exploits0References3
nessus
nessus
added 2026/06/09 12:0 a.m.26 views

Linux Distros Unpatched Vulnerability : CVE-2026-46325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different fr...

9.8CVSS7AI score0.00347EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.16 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect handling of the iova to va conversion when the MR page size in RDMA/rxe differs from the...

9.8CVSS5.3AI score0.00347EPSS
Exploits0References1
Rows per page
Query Builder