Lucene search
K

365 matches found

Amazon
Amazon
added 2026/07/08 12:0 a.m.7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit CVE-2026-23449 In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes CVE-2026-31449 In the Linux...

9.8CVSS6AI score0.00742EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.11 views

SUSE CVE-2026-47734

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

5.7CVSS5.3AI score0.00188EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/11 4:47 p.m.13 views

CVE-2026-47734

A flaw was found in Dulwich, a pure-Python implementation of Git file formats and protocols. A remote attacker with push access to a Dulwich-based Git server could send a specially crafted thin pack. This crafted pack, with a manipulated delta header, would cause the server to allocate excessive...

6.5CVSS5.5AI score0.00188EPSS
Exploits0References5
OSV
OSV
added 2026/06/10 10:11 p.m.5 views

CVE-2026-47734 Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

5.7CVSS5.9AI score0.00188EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/10 10:11 p.m.10 views

EUVD-2026-36193

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

5.7CVSS5.4AI score0.00188EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 10:11 p.m.9 views

CVE-2026-47734 Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

5.7CVSS5.4AI score0.00188EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 10:11 p.m.29 views

CVE-2026-47734

Dulwich prior to 1.2.5 is vulnerable to an unbounded memory allocation in receive-pack when processing a crafted thin pack. A tiny push (~174 bytes) can declare a huge dest_size in the delta header, causing add_thin_pack / apply_delta to allocate hundreds of MB regardless of actual data. Impacted...

5.7CVSS5.4AI score0.00188EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 10:11 p.m.28 views

CVE-2026-47734 Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

5.7CVSS0.00188EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.21 views

Dulwich 资源管理错误漏洞

Dulwich is a Python-based Git repository management interface developed by Jelmer Vernooij. Versions of Dulwich prior to 1.2.5 contained a resource management vulnerability. This vulnerability stemmed from the allocation of memory based on the destsize parameter when handling special thin package...

5.7CVSS5.3AI score0.00188EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 11:43 p.m.10 views

GHSA-XRVJ-V92F-53GJ Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Impact An uncontrolled-resource-consumption memory exhaustion denial-of-service vulnerability CWE-400 / CWE-789. A client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack / applydelta, it would...

5.7CVSS5.5AI score0.00188EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/08 11:43 p.m.7 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the ReceivePackHandler via addthinpack/applydelta flows when handling crafted thin packs with attacker-controlled delta headers. An attacker can cause excessive memory allocation by...

6.8CVSS5.4AI score0.00188EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/08 11:43 p.m.17 views

Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Impact An uncontrolled-resource-consumption memory exhaustion denial-of-service vulnerability CWE-400 / CWE-789. A client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack / applydelta, it would...

5.7CVSS5.5AI score0.00188EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.19 views

PT-2026-47590

Impact An uncontrolled-resource-consumption memory exhaustion denial-of-service vulnerability CWE-400 / CWE-789. A client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge dest size. When dulwich ingested it via add thin pack / apply delta, it would...

5.7CVSS5.5AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.22 views

PT-2026-45805

Name of the Vulnerable Software and Affected Versions Dell ThinOS 10 versions prior to 2602 10.0765 Description An improper access control issue exists where a low privileged attacker with local access could potentially achieve privilege escalation. Recommendations Update to version 2602 10.0765 ...

7.8CVSS5.4AI score0.001EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:5 a.m.9 views

dm-thin: fix metadata refcount underflow

...

7.8CVSS5.4AI score0.00129EPSS
Exploits0
Fedora
Fedora
added 2026/05/29 1:27 a.m.17 views

[SECURITY] Fedora 43 Update: perl-Sereal-5.005-1.fc43

Sereal is an efficient, compact-output, binary and feature-rich serialization protocol. The Perl encoder is implemented as the Sereal::Encoder module, the Perl decoder correspondingly as Sereal::Decoder. This Sereal module is a very thin wrapper around both Sereal::Encoder and Sereal::Decoder. It...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/29 1:17 a.m.12 views

SUSE CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

6.1CVSS5.8AI score0.00129EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-46107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to...

7.8CVSS6AI score0.00129EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 8:33 p.m.12 views

CVE-2026-46107

A flaw was found in the Linux kernel's Device Mapper dm-thin component. This vulnerability, a metadata reference count underflow, occurs in the rebalancechildren function. When an internal btree node with a single entry is shared, the system incorrectly tracks the usage of child nodes. This can...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/28 12:30 p.m.10 views

EUVD-2026-32866

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

5.8AI score0.00129EPSS
Exploits0References6
Rows per page
Query Builder