Lucene search
+L

600 matches found

NVD
NVD
•added 5 days ago•7 views

CVE-2026-58528

Out-of-bounds read in Windows USB Audio Class driver usbaudio.sys allows an unauthorized attacker to disclose information with a physical attack...

6.8CVSS0.00417EPSS
Exploits0References1
Cvelist
Cvelist
•added 5 days ago•29 views

CVE-2026-58528 Windows USB Audio Class Driver Information Disclosure Vulnerability

...

6.8CVSS0.00417EPSS
Exploits0References1
CVE
CVE
•added 5 days ago•14 views

CVE-2026-50453

CVE-2026-50453 affects the Windows USB Audio Class driver (usbaudio.sys). It is an out-of-bounds read vulnerability that may disclose information and requires physical access (attack vector: physical, base CVSS 6.1). Root cause: memory read past bounds. Impact: information disclosure with a physi...

6.1CVSS6.1AI score0.0037EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 5 days ago•3 views

CVE-2026-49794 Windows USB Audio Class Driver Information Disclosure Vulnerability

...

4.6CVSS6.1AI score0.00346EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
•added 5 days ago•22 views

Windows USB Audio Class Driver Information Disclosure Vulnerability

Out-of-bounds read in Windows USB Audio Class driver usbaudio.sys allows an unauthorized attacker to disclose information with a physical attack...

6.8CVSS6.1AI score0.00417EPSS
Exploits0
RedHat Linux
RedHat Linux
•added 6 days ago•5 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS6AI score0.00123EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 6 days ago•12 views

RHEL 9 : kernel (RHSA-2026:38902)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:38902 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ima: don't clear IMADIGSIG fl...

9.8CVSS6.7AI score0.00353EPSS
Exploits10References24
RedHat Linux
RedHat Linux
•added 2026/07/01 9:0 a.m.•8 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.8AI score0.00123EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2026/06/30 12:0 a.m.•10 views

Oracle Linux 9 : kernel (ELSA-2026-24381)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24381 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

9.8CVSS7.2AI score0.00563EPSS
Exploits15References4
Tenable Nessus
Tenable Nessus
•added 2026/06/30 12:0 a.m.•13 views

Oracle Linux 9 : kernel (ELSA-2026-25217)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25217 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

9.8CVSS7.2AI score0.00563EPSS
Exploits15References12
SUSE CVE
SUSE CVE
•added 2026/06/26 2:14 a.m.•7 views

SUSE CVE-2026-52963

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/06/26 2:14 a.m.•8 views

SUSE CVE-2026-52964

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...

5.8AI score0.00127EPSS
Exploits0References3
OSV
OSV
•added 2026/06/25 12:3 p.m.•5 views

RLSA-2026:27789 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf use-after-free in isotpsendmsg CVE-2026-31474 kernel: mptcp: fix slab-use-after-free in inetlookupestablished CVE-2026-31669 kernel: xen/privcmd: fix double free vi...

7.8CVSS6.8AI score0.00459EPSS
Exploits11References18
BDU FSTEC
BDU FSTEC
•added 2026/06/25 12:0 a.m.•6 views

The vulnerability of the `snd_usb_create_streams()` function in Linux operating system USB audio drivers allows a hacker to cause a service failure.

The vulnerability of the sndusbcreatestreams function in the Linux operating system’s USB audio driver is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References15Affected Software4
Tenable Nessus
Tenable Nessus
•added 2026/06/25 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52963

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using...

5.5CVSS6AI score0.00128EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/24 6:32 p.m.•8 views

EUVD-2026-38831

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...

5.7AI score0.00128EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
•added 2026/06/24 4:28 p.m.•4 views

CVE-2026-52964

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...

5.7AI score0.00127EPSS
Exploits0References6Affected Software1
CVE
CVE
•added 2026/06/24 4:28 p.m.•16 views

CVE-2026-52963

CVE-2026-52963 affects the Linux kernel ALSA usb-audio code path, specifically the MIDI endpoint handling in snd_usbmidi_get_ms_info. The vulnerability arises when the descriptor walker returns a class-specific MIDI endpoint with bLength larger than the remaining bytes in the endpoint-extra scan,...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
•added 2026/06/24 3:11 p.m.•11 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a use-after-free in sndusbmixerfree When sndusbcreatemixer fails, sndusbmixerfree frees mixer-idelems, but the controls that were previously added to the card still reference the freed memory. Later, when...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
AstraLinux
AstraLinux
•added 2026/06/24 3:11 p.m.•8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Added a sanity check for OOB writes during silencing. During silencing, the playback URB packets are processed in the implicit fb mode before actual playback. We assume blindly that the received packets fit withi...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References2
Rows per page
Query Builder