Lucene search
K

215 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-58016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus...

9.1CVSS6AI score0.00373EPSS
Exploits1References4
OSV
OSV
added 2026/06/25 12:3 p.m.2 views

RLSA-2023:6621 Moderate: protobuf-c security update

The protobuf-c packages provide C bindings for Google's Protocol Buffers. Security Fixes: protobuf-c: unsigned integer overflow in parserequiredmember CVE-2022-48468 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, ref...

6.2CVSS5.9AI score0.00369EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/25 12:3 p.m.5 views

protobuf-c security update

An update is available for protobuf-c. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The protobuf-c packages provide C bindings for Google's Protocol Buffers...

5.5CVSS6.5AI score0.00369EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/16 12:5 p.m.9 views

libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...

7.1CVSS5.3AI score0.00094EPSS
Exploits0References5
CVE
CVE
added 2026/06/12 5:6 p.m.18 views

CVE-2026-47223

NanaZip (derivative of 7‑Zip) is affected from 3.0.1000.0 up to before 6.0.1698.0. The vulnerability is a heap out‑of‑bounds read in the AVB vbmeta image parser (AvbHandler) caused by a 32‑bit unsigned overflow in the bounds check (pos + ht.salt_len > descSize) that lets an attacker‑controlled...

5.4CVSS5.4AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 12:59 p.m.15 views

CVE-2026-7383

A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application ...

8.1CVSS5.7AI score0.00358EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in protobuf-c, libsignal-protocol-c

Protobuf-c before version 1.4.1 has an unsigned integer overflow in the parserequiredmember field...

5.5CVSS6.3AI score0.00369EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in imagemagick

In ImageMagick, there is a value of the type 'unsigned int' that is outside the representable range in MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...

4.3CVSS6.5AI score0.01362EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/rose: integer overflows can occur when using rosesetsockopt with potentially excessively large arguments, along with additional values being applied to them. To mitigate this issue, perform the following actions as a minimum...

5.5CVSS6.4AI score0.00213EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/19 9:51 p.m.11 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the Chunk process when handling files with a samplesperchunk value of zero. An attacker can cause a segmentation fault and denial of service by providing a specially crafted HEIF file that triggers an unsigned...

7.1CVSS5.8AI score0.00301EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.13 views

SUSE CVE-2026-43341

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...

5.5CVSS5.8AI score0.00409EPSS
Exploits0References17
OSV
OSV
added 2026/05/12 10:16 p.m.8 views

UBUNTU-CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

8.2CVSS5.6AI score0.00396EPSS
Exploits1References3
OSV
OSV
added 2026/05/08 2:16 p.m.14 views

UBUNTU-CVE-2026-43341

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...

9.8CVSS5.7AI score0.00409EPSS
Exploits0References25
OSV
OSV
added 2026/05/07 5:6 a.m.12 views

MGASA-2026-0112 Updated libexif packages fix security vulnerabilities

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

7.8CVSS5.8AI score0.00193EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of unsigned integer arithmetic in the message size calculation function ipcvalidatemsg,...

7.1CVSS5.8AI score0.00125EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/04/28 12:0 a.m.12 views

modsecurity3 -- multiple vulnerabilities

ModSecurity is an open source web application firewall engine. According to the upstream changelog, multiple vulnerabilities have been fixed. CVE-2026-42268: unsigned integer underflow in verify operators CVE-2026-30923: buffer overflow in hexdecode...

8.2CVSS6AI score0.00435EPSS
Exploits2References1
OSV
OSV
added 2026/04/02 12:19 a.m.11 views

OSV-2026-505 UNKNOWN READ in unsigned int Assimp::StreamReader<true, true>::Get<unsigned int>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=498284131 Crash type: UNKNOWN READ Crash state: unsigned int Assimp::StreamReader::Get void Assimp::Blender::ConvertDispatcher void Assimp::Blender::Structure::ReadField...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/31 10:9 p.m.5 views

CVE-2026-34548 iccDEV: UB at IccUtilXml.cpp

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...

6.2CVSS5.8AI score0.00159EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/03/25 4:55 p.m.9 views

SUSE CVE-2026-23343

In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail, clearly...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References15
EUVD
EUVD
added 2026/03/25 12:30 p.m.4 views

EUVD-2026-15371

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...

5.7AI score0.00119EPSS
Exploits0References7
Rows per page
Query Builder