Lucene search
K

1469 matches found

CVE
CVE
added 2026/03/06 12:0 a.m.33 views

CVE-2025-69652

GNU Binutils readelf (up to version 2.46) contains a vulnerability when processing crafted ELF binaries with malformed DWARF/debug info. Root cause: incomplete cleanup in process_debug_info can leave invalid debug_info_p state, causing a fatal abort in byte_get_little_endian() for certain zero-le...

6.2CVSS6.1AI score0.00173EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/05 8:0 p.m.2 views

SUSE-SU-2026:0834-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2025-32049: denial of service attack to websocket server bsc1240751. - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests bsc1257398. - CVE-2026-1539: proxy authentication credentials leaked via...

9.1CVSS6AI score0.00728EPSS
Exploits2References15
OSV
OSV
added 2026/03/04 9:41 a.m.5 views

SUSE-SU-2026:20644-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39698: iouring/futex: ensure iofutexwait...

8.8CVSS6.6AI score0.01345EPSS
Exploits8References13
OSV
OSV
added 2026/02/28 12:44 p.m.5 views

OESA-2026-1449 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw was found in SoupServer. This HTTP request smuggling vulnerability occur...

9.1CVSS5.9AI score0.00423EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/02/27 3:11 p.m.6 views

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-32049: denial of Service attack to websocket server bsc1240751. CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources bsc1258120. CVE-2026-2443: out-of-bounds read when processing specially crafted...

8.3CVSS6.1AI score0.00728EPSS
Exploits1References16
Hacker One
Hacker One
added 2026/02/26 10:53 a.m.14 views

curl: RTSP RTP Interleaved Parser Assertion Failure (Zero-Length RTP Payload)

Summary: I am submitting this as a security issue primarily due to how it was discovered and that it's my first Curl submission, but I suspect I might be overly cautious here. This issue was discovered as part of the AIXCC competition, and I am assisting on reporting true positive findings to...

5.9AI score
Exploits0
OSV
OSV
added 2026/02/19 9:19 a.m.1 views

SUSE-SU-2026:20517-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length...

5.5CVSS6.1AI score0.00184EPSS
Exploits0References7
OSV
OSV
added 2026/02/19 9:19 a.m.3 views

SUSE-SU-2026:20516-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero ...

7.4CVSS5.8AI score0.01345EPSS
Exploits8References11
OSV
OSV
added 2026/02/19 9:17 a.m.1 views

SUSE-SU-2026:20457-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...

7.4CVSS6.5AI score0.01345EPSS
Exploits8References13
OSV
OSV
added 2026/02/19 9:17 a.m.2 views

SUSE-SU-2026:20468-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. - CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest...

5.8AI score0.00184EPSS
Exploits0References5
OSV
OSV
added 2026/02/19 9:17 a.m.7 views

SUSE-SU-2026:20501-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...

7.4CVSS5.8AI score0.01345EPSS
Exploits8References11
OSV
OSV
added 2026/02/19 9:17 a.m.3 views

SUSE-SU-2026:20467-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum bsc1253473. - CVE-2025-40186: tcp: Don't call reqskfastopenremove in tcpconnrequest...

5.8AI score0.00184EPSS
Exploits0References5
OSV
OSV
added 2026/02/19 9:17 a.m.2 views

SUSE-SU-2026:20461-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...

7.4CVSS6.4AI score0.01345EPSS
Exploits8References11
NVD
NVD
added 2026/02/19 7:17 a.m.6 views

CVE-2026-2681

A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...

5.3CVSS0.00301EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 6:58 a.m.28 views

CVE-2026-2681 Github.com/supranational/blst: blst cryptographic library: denial of service via out-of-bounds stack write in key generation

A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...

5.3CVSS0.00301EPSS
Exploits0References2
CVE
CVE
added 2026/02/19 6:58 a.m.10 views

CVE-2026-2681

The CVE-2026-2681 entry concerns the blst cryptographic library. The vulnerability is an out-of-bounds stack write in the blst_sha256_bcopy assembly routine caused by a missing zero-length guard. A remote attacker could exploit this by supplying a zero-length salt to key generation functions (e.g...

5.3CVSS5.6AI score0.00301EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 6:58 a.m.4 views

CVE-2026-2681 Github.com/supranational/blst: blst cryptographic library: denial of service via out-of-bounds stack write in key generation

A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...

5.3CVSS5.6AI score0.00301EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.6 views

blst 安全漏洞

Blst is a Supranational open-source signature library. Blst has a security vulnerability, which stems from the lack of zero-length protection in the blstsha256bcopy assembly routine. This vulnerability may lead to memory corruption and denial-of-service attacks...

5.3CVSS5.8AI score0.00301EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20648

A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blst sha256 bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...

5.3CVSS5.6AI score0.00301EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/18 4:52 p.m.7 views

CVE-2026-2681

A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blstsha256bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation...

5.3CVSS5.3AI score0.00301EPSS
Exploits0References3
Rows per page
Query Builder