Lucene search
+L

72 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-50555

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.1...

8.6CVSS6.1AI score0.00167EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a potential out-of-bounds write issue in getfileallinfo for compound requests. When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION, and the first command consumes nearly the entire...

8.8CVSS5.9AI score0.006EPSS
Exploits0References1
OSV
OSV
added 2026/04/27 5:30 p.m.7 views

CLSA-2026-1777311048 Fix CVE(s): CVE-2026-32636

SECURITY UPDATE: out-of-bounds write of a single zero byte in NewXMLTree when processing UTF-16 encoded XML - debian/patches/CVE-2026-32636.patch: allocate one extra byte in ConvertUTF16ToUTF8 to accommodate the NUL terminator written after the buffer - CVE-2026-32636 - ELSCVE-88723...

7.5CVSS5.8AI score0.00475EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 5:16 p.m.29 views

CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

5.4CVSS0.00409EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/22 9:31 a.m.5 views

EUVD-2026-24641

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

5.8AI score0.006EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/22 8:15 a.m.35 views

CVE-2026-31433 ksmbd: fix potencial OOB in get_file_all_info() for compound requests

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

8.8CVSS0.006EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34276

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the ksmbd component within the get file all info function during the processing of compound requests consisting of QUERY DIRECTORY and QUERY INFO FILE AL...

8.8CVSS5.9AI score0.006EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.8 views

Unity Linux 20.1070a Security Update: openssl (UTSA-2026-007292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007292 advisory. Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code poin...

7.4CVSS7.2AI score0.00444EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/04/10 11:25 p.m.6 views

SUSE CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

5.3CVSS5.8AI score0.00376EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/09 11:0 p.m.5 views

CVE-2026-34941

A flaw was found in Wasmtime, a runtime for WebAssembly. When transcoding a UTF-16 string to the latin1+utf16 component-model encoding, Wasmtime incorrectly validates the byte length of the input string, checking the number of code units instead of the actual byte length. This vulnerability can...

8.1CVSS5.9AI score0.00376EPSS
Exploits0References4
OSV
OSV
added 2026/04/09 8:22 p.m.2 views

GHSA-JXHV-7H78-9775 Wasmtime: Panic when transcoding misaligned utf-16 strings

Impact Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be passed to the host for transcoding which would trigger a host panic. This panic ...

6.5CVSS5.8AI score0.00354EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/09 8:22 p.m.11 views

Wasmtime: Panic when transcoding misaligned utf-16 strings

Impact Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be passed to the host for transcoding which would trigger a host panic. This panic ...

6.5CVSS5.8AI score0.00354EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/09 7:16 p.m.2 views

DEBIAN-CVE-2026-34942

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

6.5CVSS5.3AI score0.00354EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 6:32 p.m.3 views

CVE-2026-34942

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

5.9CVSS5.9AI score0.00354EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 6:32 p.m.4 views

CVE-2026-34942 Wasmtime panics when transcoding misaligned utf-16 strings

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

5.9CVSS5.8AI score0.00354EPSS
Exploits0References1
CVE
CVE
added 2026/04/09 6:32 p.m.28 views

CVE-2026-34942

Wasmtime VM exposes a DoS risk due to a panic-triggering path when transcoding strings into utf16/latin1+utf16. Root cause: alignment verification for reallocated strings was improper, allowing unaligned pointers to be passed to the host by a malicious guest. Affected versions prior to fixed rele...

6.5CVSS5.9AI score0.00354EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/04/09 6:32 p.m.1 views

CVE-2026-34942 Wasmtime panics when transcoding misaligned utf-16 strings

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be...

5.9CVSS5.9AI score0.00354EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/09 6:29 p.m.3 views

CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

6.9CVSS5.8AI score0.00376EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 6:29 p.m.2 views

CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

6.9CVSS6AI score0.00376EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 12:0 p.m.3 views

RUSTSEC-2026-0092 Panic when transcoding misaligned component model UTF-16 strings

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jxhv-7h78-9775 For more information see the GitHub-hosted security advisory...

5.9CVSS5.8AI score0.00354EPSS
Exploits0References3
Rows per page
Query Builder