18 matches found

RedHat Linux
added 2026/05/19 1:50 p.m. · 15 views

luksmeta: Data corruption when handling LUKS1 partitions with luksmeta

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

4.4 CVSS · 5.7 AI score · 0.00093 EPSS
Exploits 0 · References 5

OSV
added 2026/04/09 1:20 p.m. · 3 views

SUSE-SU-2026:21052-1 Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues. The following security issues were fixed: - CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404). - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in...

7.8 CVSS · 6.1 AI score · 0.00344 EPSS
Exploits 7 · References 13

CVE
added 2026/03/18 9:44 p.m. · 16 views

CVE-2026-4407

The CVE-2026-4407 issue affects Xpdf 4.06 and earlier, caused by an out-of-bounds array write stemming from incorrect validation of the “N” field in ICCBased color spaces. The vulnerability is rooted in input validation for ICCBased color space handling, leading to potential memory access issues....

2.1 CVSS · 5.8 AI score · 0.00143 EPSS
Exploits 0 · References 1

Debian CVE
added 2026/03/18 9:44 p.m. · 3 views

CVE-2026-4407

Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces...

2.1 CVSS · 5.3 AI score · 0.00143 EPSS
Exploits 0

CVE
added 2025/10/15 7:37 p.m. · 46 views

CVE-2025-11568

CVE-2025-11568 affects the luksmeta utility when used with the LUKS1 partition format. The vulnerability allows a user with necessary permissions to write excessive metadata, and due to improper validation of available space, this metadata can overwrite and corrupt the encrypted data, potentially...

4.4 CVSS · 6.4 AI score · 0.00093 EPSS
Exploits 0 · References 6

CNNVD
added 2025/10/15 12:0 a.m. · 4 views

Red Hat Enterprise Linux 10 security vulnerability

Red Hat Enterprise Linux 10 is a suite of Linux operating systems for business users from Red Hat, an American company. A security vulnerability exists in Red Hat Enterprise Linux 10 that stems from not properly validating free space, which could result in user encrypted data being overwritten an...

4.4 CVSS · 6.4 AI score · 0.00093 EPSS
Exploits 0 · References 2

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2010-3882

Malware in sbrugna...

7.8 CVSS · 6.3 AI score · 0.11217 EPSS
Exploits 16 · References 25

EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2016-1675

Malware in sbrugna...

10 CVSS · 9.5 AI score · 0.01172 EPSS
Exploits 0 · References 3

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2024-43565

Malicious code in bioql PyPI...

7.8 CVSS · 6.6 AI score · 0.00073 EPSS
Exploits 0 · References 1

Debian CVE
added 2025/07/25 12:47 p.m. · 4 views

CVE-2025-38366

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "num_cpu" from user space. The maximum supported cpu number is EIOINTC_ROUTE_MAX_VCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...

7.8 CVSS · 6.3 AI score · 0.00145 EPSS
Exploits 0

Cvelist
added 2025/06/18 9:33 a.m. · 9 views

CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero. The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...

0.00467 EPSS
Exploits 0 · References 7

CNNVD
added 2024/09/05 12:0 a.m. · 8 views

FreeBSD security vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the ctl_report_supported_opcodes function not adequately validating user-space-supplied fields, allowing arbitrary writes to a limited amount of kernel helper memor...

8.8 CVSS · 6.7 AI score · 0.00395 EPSS
Exploits 0 · References 3

Tenable Nessus
added 2024/08/30 12:0 a.m. · 35 views

Vim < 9.1.0697 Heap Buffer Overflow

The version of Vim installed on the remote host is prior to 9.1.0697. It is, therefore, affected by a heap buffer overflow vulnerability. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer ...

4.5 CVSS · 6.5 AI score · 0.00296 EPSS
Exploits 0 · References 2

CNNVD
added 2024/07/29 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of validation of the space occupied by the xlog_op_header fixed member in xlog_recover_process_data...

7.1 CVSS · 6.6 AI score · 0.00224 EPSS
Exploits 0 · References 2

Positive Technologies
added 2024/04/30 12:0 a.m. · 16 views

PT-2025-26006 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0. Description: The issue arises from an integer overflow in the register_shm_helper function when calculating the number of pages covered by a user-supplied memory region. This causes a NULL pointer...

9.8 CVSS · 6.4 AI score · 0.28058 EPSS
Exploits 22 · References 219

RedHat Linux
added 2021/01/25 8:1 p.m. · 94 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.13 bug fix and security update

Red Hat OpenShift Container Platform release 4.6.13 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of...

5.5 CVSS · 6.6 AI score · 0.00461 EPSS
Exploits 0 · References 17

NVD
added 2019/09/30 4:15 p.m. · 29 views

CVE-2019-10506

While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdrago...

7.8 CVSS · 8.3 AI score · 0.00192 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2016/08/31 12:0 a.m. · 7 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the mdss mdp3 driver components of Qualcomm’s Android operating system is related to the lack of data validation for user space. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created application...

6.8 CVSS · 7.2 AI score · 0.00454 EPSS
Exploits 0 · References 3 · Affected Software 1