Lucene search
K

1498 matches found

nessus
nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommu/dma: Do not try to iommumap a 0 length region in swiotlb iommudmaiovalinkswiotlb processes a mapping that is unaligned in three parts, the head, middle an...

5.5CVSS6AI score0.00121EPSS
Exploits0References3
nessus
nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thunderbolt: Reject zero-length property entries in validator tbpropertyentryvalid accepts entries with length == 0 for DIRECTORY, DATA, and TEXT types. A...

5.5CVSS6AI score0.00128EPSS
Exploits0References2
mscve
mscve
added 2026/06/27 8:9 a.m.6 views

thunderbolt: Reject zero-length property entries in validator

...

7CVSS5.8AI score0.00128EPSS
Exploits0
redhatcve
redhatcve
added 2026/06/26 5:31 p.m.9 views

CVE-2026-53029

A flaw was found in the Linux kernel's ntfs3 filesystem driver. This vulnerability occurs due to an uninitialized local variable lcn when handling zero-length data during I/O operations. An attacker could potentially exploit this flaw to cause a denial of service or information disclosure due to...

5.8AI score0.00172EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/26 8:20 a.m.11 views

CVE-2026-53132

A flaw was found in the Linux kernel's vsock/virtio component. A remote attacker could send specially crafted packets with zero length and an End-of-Message EOM flag. This could lead to an unbounded queue of packets, consuming excessive memory and potentially causing a Denial of Service DoS due t...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/26 7:34 a.m.10 views

CVE-2026-53164

A flaw was found in the Linux kernel's input/output memory management unit IOMMU Direct Memory Access DMA subsystem, specifically within the software IOMMU bounce buffer SWIOTLB mechanism. This vulnerability occurs when the system attempts to map a zero-length memory region, which can be triggere...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
added 2026/06/26 7:27 a.m.8 views

CVE-2026-53210

A flaw was found in the Linux kernel's Trusted Execution Environment TEE subsystem. A shared memory shm leak occurs in the registershmhelper function when TEEIOCSHMREGISTER is called with a zero-length shared memory registration. This can be triggered by a local attacker, potentially leading to a...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4
susecve
susecve
added 2026/06/26 2:14 a.m.8 views

SUSE CVE-2026-52964

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...

5.8AI score0.00175EPSS
Exploits0References3
euvd
euvd
added 2026/06/26 12:32 a.m.6 views

EUVD-2026-39565

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

2.1CVSS5.8AI score0.00147EPSS
Exploits0References3
nessus
nessus
added 2026/06/26 12:0 a.m.18 views

Curl 8.18.0 < 8.21.0 QUIC Zero-Length UDP Datagrams DoS

The version of curl installed on the remote host is 8.18.0 prior to 8.21.0. It is, therefore, affected by a denial of service vulnerability: - An issue in curl's QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service by continuously streaming empty...

7.5CVSS6.3AI score0.0101EPSS
Exploits1References2
nvd
nvd
added 2026/06/25 10:17 p.m.9 views

CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS0.00147EPSS
Exploits0References2
osv
osv
added 2026/06/25 10:17 p.m.3 views

DEBIAN-CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References1
osv
osv
added 2026/06/25 10:17 p.m.5 views

UBUNTU-CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS5.7AI score0.00147EPSS
Exploits0References5
cve
cve
added 2026/06/25 9:2 p.m.18 views

CVE-2026-6329

CVE-2026-6329 describes a vulnerability in PKCS#12 MAC verification in wolfSSL where the verification uses an attacker-controlled comparison length. The PKCS#12 verify path compares the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from atta...

6.5CVSS5.9AI score0.0016EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/06/25 9:2 p.m.7 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

6CVSS5.9AI score0.0016EPSS
Exploits0References3Affected Software1
attackerkb
attackerkb
added 2026/06/25 8:56 p.m.5 views

CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

2.1CVSS5.8AI score0.00147EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/06/25 8:56 p.m.25 views

CVE-2026-6331 HMAC zero-length tag forgery in EVP_DigestVerifyFinal

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

2.1CVSS0.00147EPSS
Exploits0References2
cve
cve
added 2026/06/25 8:56 p.m.20 views

CVE-2026-6331

CVE-2026-6331 describes an HMAC zero-length tag forgery in EVP_DigestVerifyFinal. The OpenSSL-compatibility HMAC verify path allowed a zero-length or truncated tag to pass because the signature length check only ensured it did not exceed the MAC length. The fixed behavior now requires the supplie...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/06/25 8:56 p.m.6 views

CVE-2026-6331

HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

7.5CVSS5.8AI score0.00147EPSS
Exploits0
redhat
redhat
added 2026/06/25 6:37 p.m.6 views

gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

9.1CVSS5.7AI score0.00805EPSS
Exploits0References4
Rows per page
Query Builder