Lucene search
K

125 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary,...

5.5CVSS6AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.7 views

SUSE CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.8AI score0.00127EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53241

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: dummy: fix UMP event stack overread The dummy sequencer port forwards events by copying an incoming struct sndseqevent into a stack temporary, rewriting source and destination, and dispatching the temporary to...

5.5CVSS5.7AI score0.00127EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52336

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA dummy sequencer port where events are forwarded by copying an incoming struct snd seq event into a stack temporary. Because the legacy event storage is smalle...

5.5CVSS6.1AI score0.00127EPSS
Exploits0References17
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential memory leaks at the error handling path for UMP operations. The allocation and initialization errors in allocmidiurbs, which occur when the function is called during MIDI 2.0/UMP device operations...

5.7AI score0.00145EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2026/04/13 4:0 p.m.13 views

K000160741: Linux kernel vulnerability CVE-2025-37891

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion. The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as ...

7.8CVSS5.9AI score0.00205EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37891)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37891 advisory. - In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP...

7.8CVSS7AI score0.00205EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.8 views

RHEL 9 : kernel (RHSA-2026:0804)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0804 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFSD: fix hang in...

7.8CVSS7.3AI score0.00244EPSS
Exploits0References14
NVD
NVD
added 2025/12/24 11:15 a.m.9 views

CVE-2023-54022

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at allocmidiurbs that is called at MIDI 2.0 / UMP device are supposed to be handled at the caller side by invoking...

0.00145EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/12/24 11:15 a.m.5 views

CVE-2023-54022

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at allocmidiurbs that is called at MIDI 2.0 / UMP device are supposed to be handled at the caller side by invoking...

5.7AI score0.00145EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/24 10:55 a.m.30 views

CVE-2023-54022 ALSA: usb-audio: Fix potential memory leaks at error path for UMP open

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at allocmidiurbs that is called at MIDI 2.0 / UMP device are supposed to be handled at the caller side by invoking...

0.00145EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-35036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8. CVE-2022-35036 Note that Nessus relies on the presenc...

6.5CVSS6.7AI score0.00767EPSS
Exploits1References2
NVD
NVD
added 2025/05/19 8:15 a.m.16 views

CVE-2025-37891

In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max...

7.8CVSS0.00205EPSS
Exploits0References4
CVE
CVE
added 2025/05/19 7:19 a.m.116 views

CVE-2025-37891

The provided documents confirm CVE-2025-37891 affects the Linux kernel’s ALSA: ump path, where SysEx messages could overflow an internal 4-byte buffer during MIDI 1.0 to UMP conversion. The root cause is that SysEx can be up to 6 bytes, exceeding the original 4-byte buffer, risking memory corrupt...

7.8CVSS7.1AI score0.00205EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/05/19 7:19 a.m.23 views

CVE-2025-37891 ALSA: ump: Fix buffer overflow at UMP SysEx message conversion

In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max...

0.00205EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/03/18 12:0 a.m.10 views

CVE-2024-25657

An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform UMP 23.07.0.16567LTS could allow attackers to redirect authenticated users to malicious websites...

6.7AI score0.00318EPSS
Exploits0References1
CVE
CVE
added 2024/03/18 12:0 a.m.71 views

CVE-2024-25654

CVE-2024-25654 affects AVSystem Unified Management Platform (UMP) version 23.07.0.16567~LTS. The root cause is insecure permissions on log files, which, for users with local access to the UMP application server, can expose credentials used to authenticate to all services and can enable decryption...

5.5CVSS6.4AI score0.00214EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/03/18 12:0 a.m.68 views

CVE-2024-25655

CVE-2024-25655 affects AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS. The root cause is insecure storage of LDAP passwords in the authentication functionality, enabling users who have read access to the application database to decrypt LDAP passwords of users who authenticate via LD...

6.5CVSS6.8AI score0.00455EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/18 12:0 a.m.11 views

CVE-2024-25655

Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform UMP 23.07.0.16567LTS allows members with read access to the application database to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP...

7.2AI score0.00455EPSS
Exploits0References1
CVE
CVE
added 2024/03/18 12:0 a.m.66 views

CVE-2024-25656

CVE-2024-25656 affects AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS. The root cause is improper input validation that allows unauthenticated CPE devices to store arbitrarily large amounts of data during enrollment, which can lead to a denial of service by overloading the applicati...

5.9CVSS7AI score0.00465EPSS
Exploits0References1
Rows per page
Query Builder