Lucene search
K

179 matches found

NVD
NVD
added 6 days ago6 views

CVE-2026-53225

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

9.1CVSS0.00544EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hamradio: 6pack: fix uninit-value in sixpackreceivebuf sixpackreceivebuf does not properly skip bytes with TTY error flags. The while loop iterates through...

6AI score0.00164EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netrom: Check the buffer length before accessing it. Syzkaller reports an issue where an uninit value is read from ax25cmp when sending raw messages through the ieee802154 implementation...

5.5CVSS6.7AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Qemu

In QEMU, the softmmu/physmem.c file, versions up to 7.0.0, can perform an uninitialized read on the translatefail path, resulting in an ioreadx or iowritex crash. NOTE: A third-party report states that the “Non-virtualization Use Case” described in the qemu.org reference applies here. In other...

8.8CVSS7.6AI score0.00636EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Correctly check the presence of LSNLATYPEDGID. The netlink response for RDMANLLSOPIPRESOLVE should always contain an LSNLATYPEDGID attribute; it is invalid if it is missing. Properly use the nl parsing logic and cal...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When reading a file, an uninitialized value might have been used as the read limit. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...

8.8CVSS7.1AI score0.00753EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in f2fs-tools

There is an exploitable information disclosure vulnerability in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can lead to an uninitialized read operation, resulting in information disclosure. An attacker can provide a malicious file to trigger this...

5.5CVSS6.1AI score0.01496EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Added parameter validation for packet data. Syzbot reported a bug involving uninitialized values in nciinitreq. This bug was introduced through the commit 5aca7966d2a7 “Merge tag...

5.8AI score0.00202EPSS
Exploits0References2
OSV
OSV
added 2026/06/08 1:15 p.m.8 views

JLSEC-2026-578

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

5.3CVSS7.4AI score0.06457EPSS
Exploits0References26
RedhatCVE
RedhatCVE
added 2026/05/06 10:10 p.m.28 views

CVE-2026-43221

A flaw was found in the Linux kernel's Intelligent Platform Management Bus IPMB component. The IPMB event handler fails to initialize read bytes, which can lead to an uninitialized value being returned during an I2C Inter-Integrated Circuit read operation. This could allow a local attacker to...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.6 views

CVE-2026-43221

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

5.8AI score0.00128EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/04/25 8:46 a.m.7 views

CLSA-2026-1776958404 php: Fix of 5 CVEs

CVE-2019-9023: mbstring oniguruma: fix heap overflow in utf32bembctocode and related mbctocode encoders bug 77418; completes CVE-2019-9023 coverage alongside existing php-5.3.29-bug773707737177381773827738577394.patch - CVE-2019-11034: exif: fix heap-buffer-overflow in phpifdget32s bug 77753 -...

9.8CVSS6.9AI score0.09395EPSS
Exploits4References1
CloudLinux
CloudLinux
added 2026/04/25 8:46 a.m.7 views

php: Fix of 5 CVEs

CVE-2019-9023: mbstring oniguruma: fix heap overflow in utf32bembctocode and related mbctocode encoders bug 77418; completes CVE-2019-9023 coverage alongside existing php-5.3.29-bug773707737177381773827738577394.patch - CVE-2019-11034: exif: fix heap-buffer-overflow in phpifdget32s bug 77753 -...

9.8CVSS6.8AI score0.09395EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2026/01/26 12:0 a.m.2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004950)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004950 advisory. In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptpxmit Commit aabc6596ffb3 net: ppp: Add bound checking for...

7.8CVSS6.7AI score0.00167EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38229)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38229 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: cxusb: no longer judge rbuf when...

5.5CVSS5.4AI score0.0015EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/15 1:24 a.m.8 views

CVE-2025-71096

An uninitialized memory read flaw was found in the Linux kernel's RDMA netlink subsystem. When processing IP resolution responses RDMANLLSOPIPRESOLVE, the code did not properly validate that the required LSNLATYPEDGID attribute was present. A malformed userspace netlink message missing this...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References4
NVD
NVD
added 2026/01/13 4:16 p.m.11 views

CVE-2025-71096

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

5.5CVSS0.00114EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.8 views

CVE-2025-71096

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References36
OSV
OSV
added 2026/01/13 4:16 p.m.4 views

UBUNTU-CVE-2025-71096

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References38
CVE
CVE
added 2026/01/13 3:34 p.m.23 views

CVE-2025-71096

Summary (CVE-2025-71096) : The Linux kernel RDMA core netlink path handling RDMA_NL_LS_OP_IP_RESOLVE could return a DGID-less response, risking an uninitialized read on the stack. The fix ensures the LS_NLA_TYPE_DGID attribute is present, uses nla_parse_deprecated() to populate nlattrs, and then ...

5.5CVSS6AI score0.00114EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder