Lucene search
K

56 matches found

OSV
OSV
added 2026/07/06 2:4 a.m.2 views

SUSE-SU-2026:2759-1 Security update for apache2

This update for apache2 fixes the following issues - CVE-2026-29167: modldap per-dir use-after-free bsc1267976. - CVE-2026-29170: modproxyftp XSS bsc1267977. - CVE-2026-34355: modproxyhtml buffer overflow bsc1267978. - CVE-2026-34356: malicious backend servers can lead to a heap-based buffer...

9.8CVSS7.2AI score0.11471EPSS
Exploits8References27
RedhatCVE
RedhatCVE
added 2026/06/26 7:23 a.m.7 views

CVE-2026-53241

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA sequencer dummy port. This vulnerability arises from a stack overread when processing Universal MIDI Packet UMP events, where the system attempts to copy a UMP-sized packet into a smaller, legacy-sized stack storage. Th...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.7 views

SUSE CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.8AI score0.00127EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.5CVSS0.00127EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53241

Summary: CVE-2026-53241 affects the Linux kernel ALSA sequencer dummy port. A local attacker could trigger a stack overread when handling Universal MIDI Packet (UMP) events due to copying a UMP-sized packet into legacy stack storage, leaving the UMP data truncated. The root cause is the dummy cli...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.8AI score0.00127EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.5CVSS5.7AI score0.00127EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52336

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA dummy sequencer port where events are forwarded by copying an incoming struct snd seq event into a stack temporary. Because the legacy event storage is smalle...

5.5CVSS6.1AI score0.00127EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: aspell (UTSA-2026-017553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017553 advisory. libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character. Tenable has...

9.1CVSS7AI score0.03259EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-5772

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY...

5.3CVSS5.7AI score0.00228EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : file-5.39-16.el9 (AXSA:2024-7765:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7765:01 advisory. file: stack-based buffer over-read in filecopystr in funcs.c CVE-2022-48554 Tenable has extracted the preceding description block directly from the...

5.5CVSS8.4AI score0.00656EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992573)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992573 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet...

7.1CVSS5.8AI score0.00139EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/10/31 4:38 p.m.4 views

Astra Linux - уязвимость в curl

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS7.1AI score0.00786EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-20456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asmx86nz.c may allow attackers to cause a denial of service application crash in...

5.5CVSS6.2AI score0.01045EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-38667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service. CVE-2023-38667 Note that Nessus relies on the presen...

5.5CVSS6.3AI score0.00262EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-20017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer over-read was discovered in MatVarReadNextInfo5 in mat5.c in matio 1.5.17. CVE-2019-20017 Note that Nessus relies on the presence of the...

6.5CVSS7AI score0.00856EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-9033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read for the Rank and Dimension feature in th...

9.1CVSS7.5AI score0.0207EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read in MatVarReadNextInfo5 in mat5.c...

9.1CVSS7.5AI score0.0207EPSS
Exploits1References2
OSV
OSV
added 2024/04/03 3:15 a.m.26 views

UBUNTU-CVE-2024-30166

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read of less than 256 bytes in a TLS 1.3 server via a TLS 3.1 ClientHello...

9.1CVSS6AI score0.0073EPSS
Exploits0References4
OSV
OSV
added 2023/08/22 7:16 p.m.6 views

AZL-28055 CVE-2022-48554 affecting package file for versions less than 5.40-3

File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project...

5.5CVSS7.7AI score0.00656EPSS
Exploits1References1
Rows per page
Query Builder