Lucene search
K

444 matches found

Rockylinux
Rockylinux
added 4 days ago6 views

aardvark-dns security update

An update is available for aardvark-dns. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Authoritative DNS server for A/AAAA container records Forwards other...

7.5CVSS6.1AI score0.00383EPSS
Exploits0
Rockylinux
Rockylinux
added 6 days ago3 views

aardvark-dns security update

An update is available for aardvark-dns. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Authoritative DNS server for A/AAAA container records Forwards other...

7.5CVSS6AI score0.00383EPSS
Exploits0
RedHat Linux
RedHat Linux
added 6 days ago4 views

kernel: smb/client: fix out-of-bounds read in smb2_compound_op()

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS6.1AI score0.00478EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/07 6:10 p.m.5 views

aardvark-dns: Aardvark-dns: Denial of Service via truncated TCP DNS query and connection reset

A flaw was found in aardvark-dns where a specially crafted TCP DNS query followed by a connection reset can trigger an infinite error loop, leading to 100% CPU usage and a denial of service. As aardvark-dns is only accessible via internal Podman networks, this issue can be exploited by a local...

7.5CVSS5.9AI score0.00383EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 6:10 p.m.6 views

Moderate: Red Hat Security Advisory: aardvark-dns security update

An update for aardvark-dns is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.5CVSS6AI score0.00383EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/06 9:21 p.m.4 views

kernel: smb/client: fix out-of-bounds read in smb2_compound_op()

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS7.3AI score0.00478EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2833 python-zeroconf security update

Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Security Fixes: readcharacterstring and readstring in src/zeroconf/protocol/incoming.py sliced self.dataself.offset : self.offset + length and advanced self.offset by the declared length without checking it against...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/28 9:26 a.m.3 views

OPENSUSE-SU-2026:21076-1 Security update for giflib

This update for giflib fixes the following issue - CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836...

8.2CVSS5.8AI score0.00618EPSS
Exploits1References2
NVD
NVD
added 2026/06/28 2:16 a.m.10 views

CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS0.00278EPSS
Exploits0References4
OSV
OSV
added 2026/06/28 2:16 a.m.4 views

DEBIAN-CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS5.9AI score0.00278EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53225

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a paramet...

9.1CVSS5.9AI score0.00544EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

SUSE SLES12 Security Update : giflib (SUSE-SU-2026:2667-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2667-1 advisory. This update for giflib fixes the following issue - CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GC...

8.2CVSS7.2AI score0.00618EPSS
Exploits1References4
OSV
OSV
added 2026/06/26 2:8 p.m.2 views

SUSE-SU-2026:2666-1 Security update for giflib

This update for giflib fixes the following issue - CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836...

8.2CVSS5.8AI score0.00618EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:9 a.m.8 views

SUSE CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS5.8AI score0.00544EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 12:32 a.m.5 views

EUVD-2026-39571

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6CVSS5.9AI score0.0016EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/25 9:2 p.m.7 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6CVSS5.9AI score0.0016EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 9:2 p.m.19 views

CVE-2026-6329

CVE-2026-6329 describes a vulnerability in PKCS#12 MAC verification in wolfSSL where the verification uses an attacker-controlled comparison length. The PKCS#12 verify path compares the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from atta...

6.5CVSS5.9AI score0.0016EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/25 8:17 p.m.3 views

DEBIAN-CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

9.8CVSS5.8AI score0.00346EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 8:1 p.m.22 views

CVE-2026-7531 Use-after-free in PQC hybrid key-share handling

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

2.3CVSS0.00346EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 8:1 p.m.4 views

EUVD-2026-39554

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

6.5CVSS5.8AI score0.00346EPSS
Exploits0References2
Rows per page
Query Builder