Lucene search
K

970 matches found

Cvelist
Cvelist
added yesterday24 views

CVE-2026-57432 Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

Exploits0References2
CVE
CVE
added yesterday9 views

CVE-2026-57432

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

8.4CVSS6.2AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hciallocdev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hciregisterdev completes, the HCIUNREGISTER flag is never...

5.7AI score0.00136EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39243

In the Linux kernel, the following vulnerability has been resolved: mmc: dwmmc-rockchip: Add missing private data for very old controllers The really old controllers rk2928, rk3066, rk3188 do not support UHS speeds at all, and thus never handled phase data. For that reason it never had a parsedt...

5.8AI score0.00122EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has a heap-based buffer overflow issue in the H5Tconvstructopt function within H5Tconv.c...

8.8CVSS7.4AI score0.0092EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: The MR restrack must be released when it is deleted. The MR restrack also needs to be released when it is deleted; otherwise, a memory leak may occur, as the task struct will not be released...

5.6AI score0.002EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 8:16 p.m.12 views

CVE-2025-70102

A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In parseoption src/if-options.c:1886, the code performs a member access on a NULL pointer of type 'struct dhcpopt' when an unexpected/invalid option token or parsing state caus...

6.3CVSS0.00169EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/12 9:2 p.m.18 views

ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

Summary The SSH protocol parser trusted attacker-controlled length and count fields without first checking that the declared values fit within the containing packet. When a client connects to a malicious or compromised SSH server, the server can send a small, malformed packet containing an inner...

5.5AI score
Exploits0References3Affected Software1
NVD
NVD
added 2026/06/09 2:16 p.m.16 views

CVE-2026-46326

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

8.4CVSS0.00132EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 12:25 p.m.2 views

CVE-2026-46326 iio: pressure: mprls0025pa: fix spi_transfer struct initialisation

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

8.4CVSS6.6AI score0.00132EPSS
Exploits0References7
RustSec
RustSec
added 2026/06/01 12:0 p.m.30 views

Bad-free in `MetaCallException::new`

exceptionstruct is a local stack variable, but the code passes its address to the C language as &mut exceptionstruct as mut as mut cvoid. Then, the returned MetaCallException value is stored here: rust OkSelf exceptionstruct: Arc::newexceptionstruct, value: exceptionptr, leak: false, Because leak...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46182

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct paprhvpipehdr contains reserved paddi...

5.5CVSS0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.11 views

SUSE CVE-2026-45995

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userstruct uaf iofreerbufring usees a struct userstruct, which iozcrxifqfree puts it down before destroying the ring...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.17 views

PT-2026-44305

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel stack memory leak occurs in the pseries/papr-hvpipe component. The hdr variable is allocated on the stack, but only hdr.version and hdr.flags are explicitly initialized. Since t...

9.8CVSS6AI score0.03663EPSS
Exploits16References286
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

4.7CVSS0.00088EPSS
Exploits0References4
CVE
CVE
added 2026/05/27 12:55 p.m.30 views

CVE-2026-45995

A CVE-2026-45995 has been resolved in the Linux kernel for a local, low-privilege UAF issue in io_uring zcrx handling (io_free_rbuf_ring with a user_struct, freed by io_zcrx_ifq_free before ring destruction). The advisory for openSUSE Tumbleweed indicates the fix is delivered via kernel-devel-7.0...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.46 views

CVE-2026-45949 hwrng: core - use RCU and work_struct to fix race condition

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

0.00088EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/27 12:18 p.m.10 views

CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

4.7CVSS5.7AI score0.00088EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.41 views

CVE-2026-45856 RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send

In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend ibuverbspostsend uses cmd.wqesize from userspace without any validation before passing it to kmalloc and using the allocated buffer as struct ibuverbssendwr. If a...

7.1CVSS0.00164EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of READONCE to read the struct ublskrvctrlcmd, potentially leading to race conditions...

5.8AI score0.00107EPSS
Exploits0References2
Rows per page
Query Builder