Lucene search
+L

2549 matches found

rustsec
rustsec
added 2026/04/24 12:0 p.m.16 views

Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend

Diesel allows users to output the generated SQL for any query DSL construct via th diesel::debugquery function as Display and Debug output. For the particular implementation used by batch Insert statements in the SQLite backend Diesel relied on an unspecified transmute between types with a reprru...

5.9AI score
Exploits0Affected Software1
ptsecurity
ptsecurity
added 2026/04/24 12:0 a.m.12 views

PT-2026-37174

Name of the Vulnerable Software and Affected Versions Grid versions 0.17.0 through 1.0.0 Description An integer overflow in the expand rows function can corrupt the relationship between the grid's logical dimensions and its backing storage. This occurs because the function computes the new backin...

6.2CVSS5.8AI score0.00132EPSS
Exploits0References7
mscve
mscve
added 2026/04/23 8:9 a.m.5 views

bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN

...

7.8CVSS5.2AI score0.00129EPSS
Exploits0
snyk
snyk
added 2026/04/22 5:6 p.m.7 views

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Overview Affected versions of this package are vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior via the decodesigned32 function in src/bacnet/bacint.c that reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four...

6.3CVSS5.4AI score0.00242EPSS
Exploits1References2
cve
cve
added 2026/04/22 1:54 p.m.41 views

CVE-2026-31525

CVE-2026-31525 concerns the Linux kernel BPF interpreter’s signed 32-bit division/modulo (sdiv32/smod32). The issue arises from using abs() on s32 operands, which is undefined for S32_MIN, causing incorrect results that can mismatch verifier behavior and enable out-of-bounds map access. A fix int...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2026/04/22 1:54 p.m.36 views

CVE-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...

7.8CVSS0.00129EPSS
Exploits0References5
osv
osv
added 2026/04/22 1:54 p.m.3 views

CVE-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...

7.8CVSS6AI score0.00129EPSS
Exploits0References8
nessus
nessus
added 2026/04/22 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013481)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013481 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit...

5.5CVSS5.7AI score0.00146EPSS
Exploits0References4
nessus
nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013741 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/04/22 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a netlink policy scope check in ctnetlink. This vulnerability may lead to undefined behavio...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
nessus
nessus
added 2026/04/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31525

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32...

7.8CVSS6.4AI score0.00129EPSS
Exploits0References3
nvd
nvd
added 2026/04/21 5:16 p.m.7 views

CVE-2026-40279

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

3.7CVSS0.00242EPSS
Exploits1References1
cvelist
cvelist
added 2026/04/21 4:29 p.m.35 views

CVE-2026-40279 BACnet Stack: Undefined-behavior signed left shift in `decode_signed32()`

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

3.7CVSS0.00242EPSS
Exploits1References1
euvd
euvd
added 2026/04/21 4:29 p.m.11 views

EUVD-2026-24166

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

3.7CVSS5.8AI score0.00242EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/04/21 4:29 p.m.6 views

CVE-2026-40279

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

3.7CVSS5.8AI score0.00242EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2026/04/21 4:29 p.m.10 views

CVE-2026-40279 BACnet Stack: Undefined-behavior signed left shift in `decode_signed32()`

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

3.7CVSS5.8AI score0.00242EPSS
Exploits1References1
cve
cve
added 2026/04/21 4:29 p.m.18 views

CVE-2026-40279

BACnet Stack (open-source C library for embedded systems) contains a defect in decode_signed32() in src/bacnet/bacint.c where reconstructing a 32-bit signed integer from four APDU bytes via signed left shifts can overflow signed int32_t when any byte has bit 7 set (>= 0x80). This undefined beh...

3.7CVSS5.8AI score0.00242EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2026/04/21 12:0 a.m.7 views

BACnet Stack 安全漏洞

BACnet Stack is an open-source protocol stack for BACnet that is suitable for embedded systems, Linux, MacOS, BSD, and Windows. Versions prior to BACnet Stack 1.4.3 contained a security vulnerability. This vulnerability arises from the decodesigned32 function in src/bacnet/bacint.c, which uses...

3.7CVSS5.8AI score0.00242EPSS
Exploits1References1
nessus
nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011155 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to...

5.7AI score0.00168EPSS
Exploits0References4
nessus
nessus
added 2026/04/21 12:0 a.m.14 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011238)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011238 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References4
Rows per page
Query Builder