CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.5CVSS6.3AI score0.00033EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - In blkdeviomapbegin, the EOF check has been refined. - In blkdeviomapbegin, the offset is rounded down to the logical block size before being stored in iomap-offset. It is also checked that the value remains within the inode...

6.6CVSS6.7AI score0.01481EPSS

Astra Linux - уязвимость в linux-5.10

A flaw was discovered in the Linux kernel, specifically in the linux/net/netfilter/nftablesapi.c file of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue...

Exploits10References2

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в ntp

In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability in the while loop of the cpcpdec function. An adversary could potentially attack a client NTPQ process, but they cannot attack the ntpd process...

5.6CVSS7.1AI score0.0035EPSS

7.8CVSS7.7AI score0.10805EPSS

Astra Linux – Vulnerability in p7zip

7-Zip SquashFS File Parsing: Out-of-Bounds Write Vulnerability Leading to Remote Code Execution. This vulnerability allows remote attackers to execute arbitrary code on affected 7-Zip installations. User interaction is required to exploit this vulnerability, as the target must visit a malicious...

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в tiff

A flaw was discovered in Libtiff. This vulnerability operates under the “write-what-where” condition, and is triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file’s metadata, an attacker can trick the library into...

8.8CVSS6.8AI score0.00053EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpmchip The following sequence of operations results in a refcount warning: 1. Open device /dev/tpmrm. 2. Remove module tpmtisspi. 3. Write a TPM command to the file descriptor opened at ste...

7.8CVSS6.1AI score0.00021EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Fixed a NULL pointer dereference in ‘niwrite inode’. Syzbot identified the following issue: Unable to handle a NULL pointer dereference at the virtual address 0000000000000016. Memory abort information: ESR =...

5.8AI score0.00028EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: can: xilinxcan: xcanwriteframe: fixed the issue of releasing the SKB after its use. canputechoskb takes ownership of the SKB, and it might be released during or after the call. However, xilinxcan xcanwriteframe continues to us...

7.8CVSS6AI score0.00024EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в webkit2gtk

A vulnerability related to out-of-bounds writes operations has been addressed through improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4, and iPadOS 15.8.4; iOS 16.7.11 and iPadOS 16.7.11; iOS 18.3.2 and iPadOS 18.3.2; iPadOS 17.7.6; macOS Sequoia...

10CVSS7.2AI score0.0021EPSS

Exploits4References2

7.8CVSS6.9AI score0.00103EPSS

Astra Linux – Vulnerability in ntfs-3g

A properly crafted NTFS image can cause a heap-based buffer overflow in ntfscompressedpwrite in NTFS-3G 2021.8.22...

SUSE CVE•added 2026/05/20 2:40 a.m.•7 views

SUSE CVE-2025-57807

ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob, which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob, which then expan...

4.2CVSS6.5AI score0.00073EPSS

Exploits1References7

NVD•added 2026/05/20 2:16 a.m.•7 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

3.7CVSS0.00043EPSS

ATTACKERKB•added 2026/05/20 12:45 a.m.•3 views

CVE-2026-45232

3.1CVSS5.8AI score0.00043EPSS

Exploits0References4

AlpineLinux•added 2026/05/20 12:45 a.m.•7 views

CVE-2026-45232

3.7CVSS5.8AI score0.00043EPSS

Cvelist•added 2026/05/20 12:45 a.m.•36 views

CVE-2026-45232 Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

3.1CVSS0.00043EPSS

Vulnrichment•added 2026/05/20 12:45 a.m.•4 views

CVE-2026-45232 Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

3.1CVSS5.8AI score0.00043EPSS

Debian CVE•added 2026/05/20 12:45 a.m.•8 views

CVE-2026-45232

3.7CVSS5.8AI score0.00043EPSS

Exploits0

Positive Technologies•added 2026/05/20 12:0 a.m.•9 views

PT-2026-42229

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

9.4CVSS6.5AI score0.00625EPSS