Lucene search
K

4237 matches found

NVD
NVD
added 2026/06/19 2:16 p.m.10 views

CVE-2026-48137

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...

9.8CVSS0.00549EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 2:16 p.m.14 views

CVE-2026-48138

There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and prior versions...

8.7CVSS0.00343EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 1:16 p.m.28 views

CVE-2026-48138

CVE-2026-48138 affects NI’s grpc-device streaming API and is an out-of-bounds read caused by a missing bounds check. Affected versions are NI grpc-device 2.17.0 and earlier. The vulnerability can lead to denial of service when an attacker sends a specially crafted write request. Exploitation deta...

8.7CVSS5.9AI score0.00343EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/19 1:16 p.m.32 views

CVE-2026-48138 Out-of-bounds read vulnerability in the NI grpc-device streaming API

There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and prior versions...

8.7CVSS0.00343EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 1:5 p.m.30 views

CVE-2026-48137 Untrusted pointer dereference in NI grpc-device sideband streaming API

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...

9.3CVSS0.00549EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘media: iris’: Add a sanity check for stopping streaming.” This change is reflected in the commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. The check that previously skipped “stopstreaming” when the instance was in...

5.5CVSS5.9AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Buffers are returned if streaming fails to start due to a uvcpmget error. This bug may be responsible for the warning I received when running: while :; do yavta -c3...

7.8CVSS5.7AI score0.00128EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2isstreaming with vb2startstreamingcalled. The vsp1 driver uses the vb2isstreaming function in its .bufqueue handler to check whether the .startstreaming operation has been called. It then decides whether t...

5.5CVSS5.6AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If the start stream fails, the buffers should be returned with the state “VB2BUFSTATEQUEUED”. Currently, buffers are returned with the state “VB2BUFSTATEERROR”, which is incorrect. This issue has been fixed. This...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Wireshark

RTSP protocol dissector crashes in Wireshark versions 4.6.0 to 4.6.4...

5.5CVSS5.8AI score0.00124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in OpenSSL

The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support SMIME, CMS, and PKCS7 streaming capabilities. However, it can also be called directly by end-user applications. This function receives a BIO from...

7.5CVSS7AI score0.04494EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is necessary to return the received buffers if streaming cannot be started. For example, mediapipelinestart may fail with an EPIPE error if a link validation...

5.2AI score0.00216EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50889

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An out-of-bounds read occurs in the NI grpc-device streaming API because of a missing bounds check. This issue can lead to a denial of service if an attacker provides a specially crafted writ...

8.7CVSS5.9AI score0.00343EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.12 views

PT-2026-51014

Name of the Vulnerable Software and Affected Versions urllib3 version 2.6.3 Brotli version 1.2.0 Description A decompression bomb bypass exists in the streaming API preload content=False when Brotli support is used. This occurs because three independent code paths in response.py bypass the max...

7.5CVSS7.4AI score0.00304EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.21 views

PT-2026-50888

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An untrusted pointer dereference exists in the sideband streaming API. This issue allows an attacker to trigger an arbitrary memory dereference, which could lead to remote code execution...

9.8CVSS6.3AI score0.00549EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/18 1:55 p.m.16 views

CVE-2026-12527

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

6CVSS0.00154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.14 views

PT-2026-50675

Name of the Vulnerable Software and Affected Versions Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1 V1.0.6.020230803 Description A broken authorization boundary in the RTSP Real Time Streaming Protocol, a network control protocol for delivering audio and video med...

6CVSS5.8AI score0.00154EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/17 11:38 a.m.10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 security and extras update

Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS5.5AI score0.00656EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/16 7:39 a.m.7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.1 security and extras update

Red Hat OpenShift Container Platform release 4.22.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a security impact of...

8.7CVSS5.5AI score0.00656EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 9:55 p.m.14 views

CVE-2026-48854

The CVE-2026-48854 affects the elixir-grpc/grpc project. The vulnerability resides in Elixir.GRPC.Server.Adapters.Cowboy.Handler:read_full_body/3, which accumulates every received chunk into a growing binary with no size cap. If the grpc-timeout header is omitted, per-chunk read timeouts resolve ...

8.7CVSS5.4AI score0.00344EPSS
Exploits0References4
Rows per page
Query Builder