CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

5.8AI score0.00082EPSS

Exploits0References2

SUSE CVE•added 2025/12/25 12:24 a.m.•1 views

SUSE CVE-2025-68346

5.5CVSS6.9AI score0.00082EPSS

Exploits0References21

EUVD•added 2025/12/24 12:30 p.m.•0 views

EUVD-2025-205108

6.4AI score0.00082EPSS

Exploits0References5

NVD•added 2025/12/24 11:15 a.m.•1 views

CVE-2025-68346

0.00082EPSS

Exploits0References8

OSV•added 2025/12/24 11:15 a.m.•0 views

UBUNTU-CVE-2025-68346

6.1AI score0.00082EPSS

Exploits0References35

CVE•added 2025/12/24 10:32 a.m.•9 views

CVE-2025-68346

The CVE-2025-68346 vulnerability affects the Linux kernel ALSA: dice driver. The root cause is a missing validation of stream_count read from a FireWire device in detect_stream_formats(), which can allow out-of-bounds writes if stream_count exceeds MAX_STREAMS. The fix adds the same validation to...

6.6AI score0.00082EPSS

Exploits0References8

Cvelist•added 2025/12/24 10:32 a.m.•22 views

CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()

0.00082EPSS

Exploits0References8

Positive Technologies•added 2025/11/29 12:0 a.m.•2 views

PT-2025-52882

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The detect stream formats function in the ALSA driver for Digital Interface Communication Engine dice devices does not validate the stream count value received from a FireWire device. A...

6CVSS6.4AI score0.00082EPSS

Exploits0