Lucene search
K

68 matches found

CVE
CVE
added 2026/06/24 7:14 a.m.29 views

CVE-2026-52937

CVE-2026-52937 concerns the Linux kernel where the tap_ioctl() path handling SIOCGIFHWADDR leaks kernel stack contents by copying 16 bytes of an uninitialised sockaddr_storage to userspace. Specifically, netif_get_mac_address() writes only sa_family and dev->addr_len (6 bytes), leaving sa_data...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/24 7:14 a.m.4 views

CVE-2026-52937 tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.4 views

CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS5.7AI score0.00112EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:5 a.m.10 views

net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak in rtnl_fill_vfinfo

...

5.5CVSS5.4AI score0.00128EPSS
Exploits0
NVD
NVD
added 2026/05/28 10:16 a.m.21 views

CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

5.5CVSS0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/05/28 10:16 a.m.8 views

UBUNTU-CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/28 9:35 a.m.13 views

CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.19 views

PT-2026-44255

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack information leak exists in the rtnl fill vfinfo function. The function declares a struct ifla vf broadcast on the stack without initialization. This structure contains a 32-byte...

9.8CVSS5.9AI score0.00491EPSS
Exploits0References366
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013251)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013251 advisory. The dohidpsockioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kern...

3.3CVSS6.7AI score0.00495EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004114)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004114 advisory. A stack information leak flaw was found in s390/s390x in the Linux kernels memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmmtimeout...

4.4CVSS6.4AI score0.00366EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989110)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989110 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and mu...

7.8CVSS5.9AI score0.00721EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989359 advisory. In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the...

5.5CVSS6AI score0.00243EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-13469

Malware in sbrugna...

6.5CVSS6.7AI score0.01212EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-1555

Malware in sbrugna...

5.5CVSS6.4AI score0.00139EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-3187

Malware in sbrugna...

4.4CVSS6.2AI score0.00366EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986749)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986749 advisory. In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the...

5.5CVSS6AI score0.00243EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 3:57 p.m.9 views

CVE-2020-0048

In onTransact of IAudioFlinger.cpp, there is a possible stack information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:...

5.5CVSS7.6AI score0.00139EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2020-10773

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack information leak flaw was found in s390/s390x in the Linux kernel's memory manager functionality, where it incorrectly writes to the...

4.4CVSS6.6AI score0.00366EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/12/11 4:20 p.m.8 views

php: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

A vulnerability was found in PHP where the weak randomness affects applications that use SOAP with HTTP Digest authentication against a possibly malicious server over HTTP allows a remote authenticated attackers to cause a stack information leak...

4.3CVSS5.8AI score0.00709EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/06/25 12:0 a.m.160 views

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2184-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2184-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following securi...

9.8CVSS7.2AI score0.01358EPSS
Exploits6References609
Rows per page
Query Builder