Lucene search
+L

18 matches found

NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-52964

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...

5.5CVSS0.00127EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 4:28 p.m.16 views

CVE-2026-52964

Summary of CVE-2026-52964 : A flaw in the Linux kernel’s ALSA USB-audio path (USB MIDI 2.0 endpoint parser) fails to validate descriptor lengths for the MIDI 2.0 endpoint, allowing a malformed device to cause out-of-bounds reads on baAssoGrpTrmBlkID[] due to walking endpoint extras before verifyi...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References5Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

A flaw was discovered in vringhkiovadvance in drivers/vhost/vringh.c, located in the host side of a virtio ring within the Linux Kernel. This issue may lead to a denial of service from the guest to the host through zero-length descriptors...

6.5CVSS6.6AI score0.00199EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/20 11:26 p.m.18 views

SUSE CVE-2026-35215

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdldesc function does not validate the length of a decoded SDL descriptor from a slice packet. A zero-length descriptor is later used to calculate the number of slice items, causing...

7.5CVSS5.7AI score0.00466EPSS
Exploits1References4
NVD
NVD
added 2026/04/17 8:16 p.m.4 views

CVE-2026-35215

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdldesc function does not validate the length of a decoded SDL descriptor from a slice packet. A zero-length descriptor is later used to calculate the number of slice items, causing...

7.5CVSS0.00466EPSS
Exploits1References4
OSV
OSV
added 2026/04/17 6:59 p.m.3 views

CVE-2026-35215 Firebird: DoS via malicious slice descriptor in slice packet

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdldesc function does not validate the length of a decoded SDL descriptor from a slice packet. A zero-length descriptor is later used to calculate the number of slice items, causing...

7.5CVSS7AI score0.00466EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/17 6:59 p.m.11 views

EUVD-2026-23490

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdldesc function does not validate the length of a decoded SDL descriptor from a slice packet. A zero-length descriptor is later used to calculate the number of slice items, causing...

7.5CVSS5.7AI score0.00466EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-57496

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00199EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-5158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of...

6.5CVSS6.2AI score0.00199EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/09/27 2:3 a.m.2 views

SUSE CVE-2023-5158

A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...

6.5CVSS6.4AI score0.00199EPSS
Exploits0References9
NVD
NVD
added 2023/09/25 4:15 p.m.24 views

CVE-2023-5158

A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...

6.5CVSS7.3AI score0.00199EPSS
Exploits0References2
OSV
OSV
added 2023/09/25 4:15 p.m.2 views

DEBIAN-CVE-2023-5158

A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...

5.5CVSS6.2AI score0.00199EPSS
Exploits0References1
Prion
Prion
added 2023/09/25 4:15 p.m.28 views

Design/Logic Flaw

A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...

1.7CVSS5.4AI score0.00199EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/09/25 4:15 p.m.4 views

UBUNTU-CVE-2023-5158

A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...

6.5CVSS6.5AI score0.00199EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2023/09/25 12:24 p.m.29 views

CVE-2023-5158

A flaw was found in vringhkiovadvance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor...

6.5CVSS6.5AI score0.00199EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/25 12:0 a.m.5 views

PT-2023-5514 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a flaw in the vringh kiov advance function in the drivers/vhost/vringh.c module of the Linux Kernel. This flaw may result in a denial of service from guest to...

9.8CVSS7.4AI score0.09141EPSS
Exploits6References299
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.3 views

SUSE CVE-2016-7908

The mcffecdotx function in hw/net/mcffec.c in QEMU aka Quick Emulator does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via vectors involving a buffer descript...

4.4CVSS8.6AI score0.00409EPSS
Exploits0References18
OSV
OSV
added 2016/10/05 4:59 p.m.3 views

DEBIAN-CVE-2016-7908

The mcffecdotx function in hw/net/mcffec.c in QEMU aka Quick Emulator does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via vectors involving a buffer descript...

4.4CVSS8.6AI score0.00409EPSS
Exploits0References1
Rows per page
Query Builder