1467 matches found

SUSE CVE
added 2026/05/06 1:41 a.m. | 6 views

SUSE CVE-2026-43006

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: reject zero-length fixed buffer import. validate_fixed_range() admits buf_addr at the exact end of the registered region when len is zero, because the check uses strict greater-than (buf_end > imu->ubuf + imu->len). io_import_fixe...

7.1 CVSS | 5.8 AI score | 0.00124 EPSS
Exploits 0 | References 3
Positive Technologies
added 2026/05/06 12:0 a.m. | 19 views

PT-2026-38307

Name of the Vulnerable Software and Affected Versions: fast-jwt versions prior to 6.2.4. Description: An authentication bypass exists in the asynchronous key-resolver flow. When an application's key resolver returns an empty string '' or a zero-length Buffer, the software converts this to a...

9.1 CVSS | 5.9 AI score | 0.00236 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2026/05/05 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: (tps53679) Fix array access with zero-length block read. i2c_smbus_read_block_data() can return 0, indicating a zero-length read. When this happens,...

7.1 CVSS | 7.2 AI score | 0.00124 EPSS
Exploits 0 | References 2
Tenable Nessus
added 2026/05/02 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - io_uring/rsrc: reject zero-length fixed buffer import. validate_fixed_range() admits buf_addr at the exact end of the registered region when len is zero, because the...

7.1 CVSS | 7.2 AI score | 0.00124 EPSS
Exploits 0 | References 2
OSV
added 2026/05/01 6:22 p.m. | 6 views

CLSA-2026-1777659767 libsoup: Fix of CVE-2026-2369

CVE-2026-2369: fix integer underflow in sniff_unknown on zero-length buffer that caused an out-of-bounds read in the content sniffer...

9.1 CVSS | 5.9 AI score | 0.0042 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/05/01 4:5 p.m. | 8 views

CVE-2026-43006

A flaw was found in the Linux kernel's io_uring subsystem. A local attacker can exploit a vulnerability in the io_import_fixed function by importing a zero-length fixed buffer. This can lead to an out-of-bounds read from slab memory, potentially resulting in information disclosure or a denial of...

7.1 CVSS | 5.8 AI score | 0.00124 EPSS
Exploits 0 | References 4
RedhatCVE
added 2026/05/01 4:5 p.m. | 7 views

CVE-2026-43005

A flaw was found in the Linux kernel's tps53679 hwmon driver. When the i2c_smbus_read_block_data function returns a zero-length read, the tps53679_identify_chip function attempts to access memory before the allocated buffer. This out-of-bounds read could lead to information disclosure or a denial of...

7.1 CVSS | 5.8 AI score | 0.00124 EPSS
Exploits 0 | References 4
NVD
added 2026/05/01 3:16 p.m. | 7 views

CVE-2026-43006

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: reject zero-length fixed buffer import. validate_fixed_range() admits buf_addr at the exact end of the registered region when len is zero, because the check uses strict greater-than (buf_end > imu->ubuf + imu->len). io_import_fixe...

7.1 CVSS | 0.00124 EPSS
Exploits 0 | References 3
NVD
added 2026/05/01 3:16 p.m. | 6 views

CVE-2026-43005

In the Linux kernel, the following vulnerability has been resolved: hwmon: (tps53679) Fix array access with zero-length block read. i2c_smbus_read_block_data() can return 0, indicating a zero-length read. When this happens, tps53679_identify_chip() accesses buf[ret - 1] which is buf[-1], reading one byte before t...

7.1 CVSS | 0.00124 EPSS
Exploits 0 | References 3
Cvelist
added 2026/05/01 2:15 p.m. | 28 views

CVE-2026-43017 Bluetooth: MGMT: validate mesh send advertising payload length

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length. mesh_send currently bounds MGMT_OP_MESH_SEND by total command length, but it never verifies that the bytes supplied for the flexible adv_data array actually match the...

0.00122 EPSS
Exploits 0 | References 6
CVE
added 2026/05/01 2:15 p.m. | 17 views

CVE-2026-43017

CVE-2026-43017 concerns the Linux kernel Bluetooth MGMT mesh path. It fixes missing validation of adv_data_len in mesh_send, which could allow out-of-bounds access in queued commands. The description and connected advisories indicate: affected software is the Linux kernel; root cause is failure t...

5.5 CVSS | 5.8 AI score | 0.00122 EPSS
Exploits 0 | References 6 | Affected Software 1
Cvelist
added 2026/05/01 2:15 p.m. | 32 views

CVE-2026-43006 io_uring/rsrc: reject zero-length fixed buffer import

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: reject zero-length fixed buffer import. validate_fixed_range() admits buf_addr at the exact end of the registered region when len is zero, because the check uses strict greater-than (buf_end > imu->ubuf + imu->len). io_import_fixe...

7.1 CVSS | 0.00124 EPSS
Exploits 0 | References 3
CVE
added 2026/05/01 2:15 p.m. | 17 views

CVE-2026-43006

CVE-2026-43006 (Linux kernel io_uring rsr/rsrc): A zero-length fixed-buffer import in io_import_fixed() could trigger a slab-out-of-bounds read due to a boundary check that allows len == 0 to be processed. The underlying issue is in validate_fixed_range(), which permits buf_addr at the end of the...

7.1 CVSS | 5.9 AI score | 0.00124 EPSS
Exploits 0 | References 3 | Affected Software 1
EUVD
added 2026/05/01 2:15 p.m. | 8 views

EUVD-2026-26605

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: reject zero-length fixed buffer import. validate_fixed_range() admits buf_addr at the exact end of the registered region when len is zero, because the check uses strict greater-than (buf_end > imu->ubuf + imu->len). io_import_fixe...

5.9 AI score | 0.00124 EPSS
Exploits 0 | References 3
Debian CVE
added 2026/05/01 2:15 p.m. | 7 views

CVE-2026-43006

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: reject zero-length fixed buffer import. validate_fixed_range() admits buf_addr at the exact end of the registered region when len is zero, because the check uses strict greater-than (buf_end > imu->ubuf + imu->len). io_import_fixe...

7.1 CVSS | 5.8 AI score | 0.00124 EPSS
Exploits 0
CVE
added 2026/05/01 2:15 p.m. | 17 views

CVE-2026-43005

CVE-2026-43005 affects the Linux kernel hwmon driver for tps53679. The bug arises when i2c_smbus_read_block_data() returns 0 (zero-length read); tps53679_identify_chip() then accesses buf[ret-1] (buf[-1]), causing an out-of-bounds read. The fix changes the check from ret < 0 to ret

7.1 CVSS | 5.9 AI score | 0.00124 EPSS
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2026/05/01 2:15 p.m. | 32 views

CVE-2026-43005 hwmon: (tps53679) Fix array access with zero-length block read

In the Linux kernel, the following vulnerability has been resolved: hwmon: (tps53679) Fix array access with zero-length block read. i2c_smbus_read_block_data() can return 0, indicating a zero-length read. When this happens, tps53679_identify_chip() accesses buf[ret - 1] which is buf[-1], reading one byte before t...

0.00124 EPSS
Exploits 0 | References 3
EUVD
added 2026/05/01 2:15 p.m. | 7 views

EUVD-2026-26604

In the Linux kernel, the following vulnerability has been resolved: hwmon: (tps53679) Fix array access with zero-length block read. i2c_smbus_read_block_data() can return 0, indicating a zero-length read. When this happens, tps53679_identify_chip() accesses buf[ret - 1] which is buf[-1], reading one byte before t...

5.9 AI score | 0.00124 EPSS
Exploits 0 | References 3
Debian CVE
added 2026/05/01 2:15 p.m. | 4 views

CVE-2026-43005

In the Linux kernel, the following vulnerability has been resolved: hwmon: (tps53679) Fix array access with zero-length block read. i2c_smbus_read_block_data() can return 0, indicating a zero-length read. When this happens, tps53679_identify_chip() accesses buf[ret - 1] which is buf[-1], reading one byte before t...

7.1 CVSS | 5.8 AI score | 0.00124 EPSS
Exploits 0
SUSE CVE
added 2026/05/01 2:4 a.m. | 9 views

SUSE CVE-2026-33845

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

8.2 CVSS | 5.3 AI score | 0.00805 EPSS
Exploits 0 | References 14