Lucene search
+L

6267 matches found

CVE
CVE
added yesterday4 views

CVE-2025-51677

The CVE-2025-51677 entry describes an issue in openRISC OR1200, specifically commit 83ac6b. The root cause is an output mismatch between the RTL and the netlist for the or1200 CPU output port, which can cause unexpected behavior in affected designs. The connected sources (NVD/CVE records) confirm...

5.4AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-13030

An uninitialized use flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=522840723...

5.3CVSS6AI score0.00186EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago5 views

python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations

A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...

8.7CVSS6AI score0.00553EPSS
Exploits0References11
CVE
CVE
added 4 days ago10 views

CVE-2026-24271

NVIDIA TensorRT-LLM’s OpenAI-compatible inference API (CVE-2026-24271) is vulnerable to unthrottled GPU resource allocation, potentially causing denial of service. The affected product is NVIDIA TensorRT-LLM; the issue stems from uncontrolled resource allocation within the inference API. The secu...

6.2CVSS6.1AI score0.0012EPSS
Exploits0References2
OSV
OSV
added 4 days ago4 views

CVE-2026-10669 Xtensa MPU `arch_buffer_validate()` integer-overflow lets a user thread bypass syscall pointer validation

On Xtensa SoCs built with CONFIGXTENSAMPU and CONFIGUSERSPACE, archbuffervalidate in arch/xtensa/core/mpu.c — the architecture hook that verifies a user-mode-supplied buffer is accessible to the calling user thread with the requested permission — defaulted its return value to 0 access permitted a...

7.8CVSS6.1AI score0.00114EPSS
Exploits0References5
NVD
NVD
added 5 days ago7 views

CVE-2026-51540

OpENer 2.3.0 master branch up to commit 76b95cf is vulnerable to a severe memory corruption issue caused by an integer underflow in the processing of connected explicit messages SendUnitData...

9.8CVSS0.00379EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-51540

OpENer 2.3.0 master branch up to commit 76b95cf is vulnerable to a severe memory corruption issue caused by an integer underflow in the processing of connected explicit messages SendUnitData...

0.00379EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 9:17 p.m.7 views

CVE-2026-7639

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

7.8CVSS0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 9:16 p.m.7 views

CVE-2026-41154

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

7.8CVSS0.00131EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 8:57 p.m.10 views

CVE-2026-45203

The CVE-2026-45203 entry concerns a TOCTOU issue in GPU DDK software used inside a Host VM. CVE records attribute a vulnerability in the rgxfw_hwperf_ufo() path where the command size is re-read after initial validation, enabling improper commands to reach GPU firmware and potentially trigger a m...

7.8CVSS6.1AI score0.00092EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/10 8:53 p.m.9 views

EUVD-2026-43039

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation...

6.1AI score0.00106EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 8:53 p.m.13 views

CVE-2026-45196

CVE-2026-45196 involves GPU DDK components (rgxfw_hwperf_hw) where unsanitized pointers from host-kernel inside a Host VM enable arbitrary GPU register writes via GPU Firmware commands, leading to privilege escalation. Exploitation is described as local with low privileges and no user interaction...

7.8CVSS6.1AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/10 8:50 p.m.11 views

EUVD-2026-43037

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

6.1AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 8:46 p.m.33 views

CVE-2026-41154 GPU DDK - Incorrect Index Calculation in CMA Cleanup Path of AllocOSPages_Sparse

Software installed and run as a non-privileged user may cause OOB kernel memory reads or writes through GPU API calls. When indexing pages larger than 4kB in the page freeing logic of the sparse memory implementation, incorrect buffer indexing leads to OOB access...

0.00131EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 4:41 p.m.5 views

GHSA-55F6-PF8R-C2F4 Open Babel has out-of-bounds write in MOPAC translationVectors[] (UNIT CELL TRANSLATION)

Summary A memory-safety vulnerability in Open Babel's MOPAC output parser allowed an out-of-bounds write into the translationVectors array when reading the "UNIT CELL TRANSLATION" block of a crafted input file. Details The MOPAC output reader stored translation vectors from the UNIT CELL...

7.8CVSS6.6AI score0.00816EPSS
Exploits1References6
NVD
NVD
added 2026/07/03 9:16 p.m.5 views

CVE-2026-27783

Gitea versions up to and including 1.26.1 do not enforce repository-unit authorization on issue-template API endpoints...

4.3CVSS0.00283EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.6 views

CVE-2026-28740

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...

7.1CVSS5.9AI score0.00323EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.43 views

CVE-2026-28740 Gitea LFS object reuse bypasses Code-unit authorization

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...

7.1CVSS0.00323EPSS
Exploits0References4
CVE
CVE
added 2026/07/03 8:19 p.m.27 views

CVE-2026-28740

CVE-2026-28740 affects Gitea up to version 1.26.2. The issue allows Git LFS object reuse to authorize private source objects for users with repository access but without Code-unit access (root cause: LFS object reuse bypassing Code-unit authorization). Impact is unauthorized access to private sou...

7.1CVSS7.1AI score0.00323EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:19 p.m.3 views

CVE-2026-28740 Gitea LFS object reuse bypasses Code-unit authorization

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access...

7.1CVSS7.1AI score0.00323EPSS
Exploits0References6
Rows per page
Query Builder