Lucene search
K

10874 matches found

RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-53311

A flaw was found in the FUSE Filesystem in Userspace subsystem of the Linux kernel. An uninitialized value vulnerability exists in the fusedentryrevalidate function, where it may be called with a dentry that has an uninitialized dtime field. This can lead to unpredictable system behavior or a...

5.5CVSS5.7AI score0.00154EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-53294

A flaw was found in the Linux kernel's mailbox subsystem. This vulnerability occurs when the receive RX channel is aliased to the transmit TX channel with a different Memory-Mapped I/O MMIO and is not properly handled during the freeing of channels. This can lead to a double-free condition, which...

5.5CVSS5.7AI score0.00177EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 12:0 a.m.9 views

CVE-2026-36848

Gigamon GVOS v5.16.1 and earlier is affected by a Directory Traversal in the H-VUE subsystem. The root cause is in the legacy persistd web service (port 8089) of GVOS, where DownloadDbFile and UploadDbFile handlers mishandle user-supplied paths, enabling arbitrary file read/write outside the GVOS...

7.5CVSS5.8AI score0.00695EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.7 views

PT-2026-53654

Name of the Vulnerable Software and Affected Versions Gigamon GVOS versions prior to 5.16.2 Description The GVOS H-VUE subsystem contains a directory traversal flaw, which allows an attacker to access files and directories outside the intended folder. Recommendations Update Gigamon GVOS to versio...

7.5CVSS5.9AI score0.00695EPSS
Exploits2References6
OSV
OSV
added 2026/06/28 2:16 a.m.3 views

DEBIAN-CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

7.5CVSS6AI score0.00333EPSS
Exploits0References1
NVD
NVD
added 2026/06/28 2:16 a.m.11 views

CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3CVSS0.0028EPSS
Exploits0References3
NVD
NVD
added 2026/06/28 2:16 a.m.12 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS0.00333EPSS
Exploits0References3
OSV
OSV
added 2026/06/28 2:16 a.m.2 views

UBUNTU-CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/28 1:32 a.m.7 views

EUVD-2026-39970

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/28 1:32 a.m.6 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/28 1:32 a.m.32 views

CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS0.00333EPSS
Exploits0References3
CVE
CVE
added 2026/06/28 1:32 a.m.46 views

CVE-2026-58050

CVE-2026-58050 affects libssh2 up to 1.11.1. The publickey subsystem reads an attacker-controlled 32-bit attribute count and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking. On 32-bit platforms, this multiplication can overflow, producing an under...

8.3CVSS6AI score0.00333EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.10 views

PT-2026-53083

Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.2 Description An issue exists in the public key parsing process where the software expands its public key list using SSH2 REALLOC but fails to zero-initialize new entries before they are populated. If a parse...

8.3CVSS5.8AI score0.0028EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-58050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs...

8.3CVSS7.1AI score0.00333EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:10 a.m.8 views

net: skbuff: fix missing zerocopy reference in pskb_carve helpers

...

7.8CVSS5.8AI score0.0018EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:6 a.m.7 views

ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams

...

7.8CVSS5.8AI score0.00138EPSS
Exploits0
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53292

In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...

0.00155EPSS
Exploits0References2
OSV
OSV
added 2026/06/26 8:17 p.m.4 views

DEBIAN-CVE-2026-53290

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/26 7:36 p.m.8 views

CVE-2026-52949

A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem. Specifically, within the ttmboshrink function, a backup failure could lead to an infinite Least Recently Used LRU walk. This issue may allow a local attacker to trigger a Denial of Service DoS, making the system...

5.5CVSS5.7AI score0.00162EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 7:30 p.m.10 views

CVE-2026-53103

A flaw was found in the Linux kernel's Wi-Fi subsystem, specifically within the mt7925rocabortsync function. This vulnerability can lead to a deadlock condition when rocabortsync attempts to cancel a work item rocwork while rocwork is already holding a mutex. This situation can occur during Wi-Fi...

5.5CVSS5.7AI score0.00166EPSS
Exploits0References4
Rows per page
Query Builder