
118 matches found

RedhatCVE
added 6 days ago, 4 views

CVE-2026-53002

A flaw was found in the Linux kernel's netfilter conntrack module. This vulnerability arises from the use of sprintf and insufficient buffer sizing in the manglecontentlen function, which can lead to a stack-out-of-bounds write. An attacker could potentially exploit this memory corruption issue t...

CVSS 9.8, AI score 6, EPSS 0.00351
Exploits: 0, References: 4
Cvelist
added 6 days ago, 35 views

CVE-2026-55892 Vim: Out-of-bounds Write in Spell File Prefix Dump

Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefixes that apply to a word. The counter is bounded only by the trie structure itself; it is never check...

CVSS 5.5, EPSS 0.00122
Exploits: 0, References: 3
CVE
added 6 days ago, 11 views

CVE-2026-55892

Vim vulnerability CVE-2026-55892 affects Vim prior to 9.2.0662. The dump_prefixes() function in src/spell.c walks a spell-file prefix trie with a depth counter and indexes fixed MAXWLEN-element arrays (prefix[], arridx[], curi[]). The depth bound is the trie itself, not the array size, allowing a...

CVSS 5.5, AI score 5.8, EPSS 0.00122
Exploits: 0, References: 3, Affected Software: 1
ATTACKERKB
added 2026/06/23 4:08 p.m., 5 views

CVE-2026-56115

Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the JWTMiddleware function in internal/auth/auth.go, which validates JWT tokens and account status but...

CVSS 8.8, AI score 5.9, EPSS 0.00307
Exploits: 1, References: 5
Cvelist
added 2026/06/23 4:08 p.m., 33 views

CVE-2026-56114 dhcpcd Stack Out-of-Bounds Write in dhcp6_makemessage()

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

CVSS 6, EPSS 0.00175
Exploits: 0, References: 2
OSV
added 2026/06/22 11:10 a.m., 2 views

SUSE-SU-2026:2482-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished...

CVSS 9.8, AI score 7.3, EPSS 0.93235
Exploits: 37, References: 222
OSV
added 2026/06/05 3:48 p.m., 9 views

OESA-2026-2550 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

CVSS 8.1, AI score 5.7, EPSS 0.0078
Exploits: 0, References: 4
OSV
added 2026/05/29 1:35 p.m., 8 views

OESA-2026-2503 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

CVSS 8.1, AI score 6, EPSS 0.0078
Exploits: 0, References: 3
OSV
added 2026/05/29 1:35 p.m., 9 views

OESA-2026-2502 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

CVSS 8.1, AI score 6, EPSS 0.0078
Exploits: 0, References: 3
RedhatCVE
added 2026/05/21 9:00 a.m., 13 views

CVE-2026-45232

A flaw was found in rsync. A network attacker can exploit an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function by sending a malformed HTTP proxy response. This occurs when the RSYNCPROXY environment variable is set and the attacker sends a response line o...

CVSS 5.9, AI score 5.7, EPSS 0.00337
Exploits: 0, References: 6
Microsoft CVE
added 2026/05/21 8:01 a.m., 14 views

Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

...

CVSS 3.7, AI score 5.8, EPSS 0.00337
Exploits: 0
NVD
added 2026/05/20 2:16 a.m., 13 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVSS 3.7, EPSS 0.00337
Exploits: 0, References: 3
AlpineLinux
added 2026/05/20 12:45 a.m., 11 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVSS 3.7, AI score 5.8, EPSS 0.00337
Exploits: 0, References: 3
Vulnrichment
added 2026/05/20 12:45 a.m., 8 views

CVE-2026-45232 Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVSS 3.1, AI score 5.8, EPSS 0.00337
Exploits: 0, References: 3
ATTACKERKB
added 2026/05/20 12:45 a.m., 5 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVSS 3.1, AI score 5.8, EPSS 0.00337
Exploits: 0, References: 4
Cvelist
added 2026/05/20 12:45 a.m., 44 views

CVE-2026-45232 Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVSS 3.1, EPSS 0.00337
Exploits: 0, References: 3
Debian CVE
added 2026/05/20 12:45 a.m., 11 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVSS 3.7, AI score 5.8, EPSS 0.00337
Exploits: 0
UbuntuCve
added 2026/05/20 12:00 a.m., 11 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVSS 3.7, AI score 5.8, EPSS 0.00337
Exploits: 0, References: 2
Positive Technologies
added 2026/05/20 12:00 a.m., 10 views

PT-2026-42055

Name of the Vulnerable Software and Affected Versions: rsync versions prior to 3.4.3. Description: An off-by-one out-of-bounds stack write exists in the establish proxy connection function within socket.c. Network attackers can corrupt stack memory by sending a malformed HTTP proxy response. This...

CVSS 8.1, AI score 5.8, EPSS 0.0078
Exploits: 0, References: 61
Tenable Nessus
added 2026/05/20 12:00 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-45232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows netwo...

CVSS 3.7, AI score 5.5, EPSS 0.00337
Exploits: 0, References: 3