Lucene search
K

495 matches found

Cvelist
Cvelist
added 2026/05/06 11:27 a.m.26 views

CVE-2026-43166 erofs: fix interlaced plain identification for encoded extents

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

7.1CVSS0.00132EPSS
Exploits0References3
RustSec
RustSec
added 2026/05/02 12:0 p.m.10 views

Double-free in `Chomp::inner()`

Chomp::inner uses std::ptr::readunaligned to move out the value from a raw pointer. If the original value is an owned type e.g. Box, calling inner moves out the ownership, but the original variable will still be dropped at the end of its scope. This causes the same heap memory to be freed twice,...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/02 12:0 p.m.6 views

RUSTSEC-2026-0131 Double-free in `Chomp::inner()`

Chomp::inner uses std::ptr::readunaligned to move out the value from a raw pointer. If the original value is an owned type e.g. Box, calling inner moves out the ownership, but the original variable will still be dropped at the end of its scope. This causes the same heap memory to be freed twice,...

5.8AI score
Exploits0References3
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unaligned DMA cache for long HMAC key memory allocations in the caam driver, which could lead to hash key...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References1
RustSec
RustSec
added 2026/04/24 12:0 p.m.14 views

Possible unaligned data access for implementations of `SqliteAggregate`

Diesel allows to register custom aggregate SQL functions for SQLite via the SqliteAggregate interface. To store an instance of the custom aggregate processor Diesel relied on the sqlite3aggregatecontext function provided by sqlite. This function doesn't provide any guarantees about alignment of t...

5.9AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013499)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013499 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: extable: fix loadunalignedzeropad reg indices In exhandlerloadunalignedzeropad we...

6.2CVSS5.8AI score0.00188EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.11 views

Unity Linux 20.1050a / 20.1060a Security Update: kernel (UTSA-2026-013389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013389 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

5.5CVSS7AI score0.00196EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013396 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

5.5CVSS6.3AI score0.00196EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010679)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010679 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: extable: fix loadunalignedzeropad reg indices In exhandlerloadunalignedzeropad we...

6.2CVSS5.8AI score0.00188EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/09 8:22 p.m.3 views

EUVD-2026-20990

Wasmtime: Panic when transcoding misaligned utf-16 strings...

5.9CVSS5.9AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 2026/04/09 7:16 p.m.6 views

CVE-2026-34942

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

6.5CVSS0.00354EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 7:16 p.m.5 views

CVE-2026-34942

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

6.5CVSS5.8AI score0.00354EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-34942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's...

6.5CVSS5.5AI score0.00354EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/07 11:25 p.m.4 views

SUSE CVE-2026-34379

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misaligned memory write vulnerability exists in LossyDctDecoderexecute in...

6.1CVSS6AI score0.00283EPSS
Exploits1References4
OSV
OSV
added 2026/04/06 4:16 p.m.3 views

DEBIAN-CVE-2026-34379

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misaligned memory write vulnerability exists in LossyDctDecoderexecute in...

7.1CVSS5.6AI score0.00283EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/06 3:21 p.m.32 views

CVE-2026-34379 OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misaligned memory write vulnerability exists in LossyDctDecoderexecute in...

7.1CVSS0.00283EPSS
Exploits1References4
CVE
CVE
added 2026/04/06 3:21 p.m.24 views

CVE-2026-34379

CVE-2026-34379 affects OpenEXR across 3.2.x, 3.3.x, and 3.4.x: a misaligned memory write in LossyDctDecoder_execute() for FLOAT channels during in-place HALF→FLOAT conversion. The decoder casts an unaligned uint8_t* row pointer to float* and writes, causing undefined behavior and potential crash ...

7.1CVSS6AI score0.00283EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-34379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to...

7.1CVSS5.7AI score0.00283EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.8 views

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities. These vulnerabilities stemmed from unaligned member access during the processing of custom ICC configuration files,...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.6 views

Ubuntu 20.04 LTS : sized-chunks vulnerabilities (USN-8118-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8118-1 advisory. Yechan Bae discovered that sized-chunks did not properly validate array size when constructing Chunk. An attacker could possibly use these issues to caus...

7.5CVSS5.9AI score0.02841EPSS
Exploits5References6
Rows per page
Query Builder