Lucene search
K

23214 matches found

CVE
CVE
added 2 hours ago6 views

CVE-2026-58380

GIMP contains a vulnerability in its PNM file format parser where the function pnmscanner_gettoken() writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one loop boundary check. This memory corruption could lead to denial of service or arbitrary code execut...

7.3CVSS
Exploits0References4
RedHat Linux
RedHat Linux
added 11 hours ago4 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.2AI score0.00103EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 11 hours ago3 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.2AI score0.00103EPSS
Exploits0References5
OSV
OSV
added yesterday5 views

ROOT-OS-DEBIAN-11-CVE-2024-42230 CVE-2024-42230 in rootio-linux - Patched by Root

Root has patched CVE-2024-42230 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

4.4CVSS6.8AI score0.00205EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-22547

Gitea versions before 1.25.5 lack validation constraints for repository creation fields, including length-limited template fields and trust model or object format values...

5.9AI score0.00168EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41616

Gitea versions before 1.25.5 lack validation constraints for repository creation fields, including length-limited template fields and trust model or object format values...

5.9AI score0.00168EPSS
Exploits0References4
CVE
CVE
added 3 days ago9 views

CVE-2026-58379

The CVE-2026-58379 vulnerability affects GIMP 's Paint Shop Pro (PSP) file format parser. It is a heap buffer overflow caused by incorrect buffer size calculations when processing low bit-depth PSP images , which can lead to arbitrary code execution or DoS when a user opens a crafted image. The p...

7.3CVSS6.7AI score0.00233EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-20243

A flaw was found in ClamAV's ALZ file format parser. An unauthenticated, remote attacker can exploit this vulnerability by submitting a specially crafted ALZ Archived Link Zipped file for scanning. This improper handling of ALZ files can lead to memory corruption, causing the ClamAV scanning...

7.5CVSS5.9AI score0.00389EPSS
Exploits0References4
Nuclei
Nuclei
added 3 days ago21 views

osTicket - Arbitrary File Read

Enhancesoft osTicket versions 1.18.x prior to 1.18.3 and 1.17.x prior to 1.17.7 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficientl...

8.7CVSS6.3AI score0.73125EPSS
Exploits3References3
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-20244

A flaw was found in ClamAV's DMG file format parser. An unauthenticated, remote attacker can exploit this vulnerability by submitting a specially crafted DMG file for scanning. Improper boundary checks during the scanning process can lead to an integer overflow, primarily affecting 32-bit...

7.5CVSS7AI score0.00389EPSS
Exploits0References4
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-41545

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of externally-controlled format string vulnerability. A high privileg...

5.5CVSS6AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-46465

Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.7; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70) contains an externally-controlled format string vulnerability. A high-privilege attacker with remote access could exploit this over the network, potentially...

5.5CVSS6AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-50722

Libreswan is affected by CVE-2026-50722 through RSA_authenticate_hash_signature_pkcs1_1_5_rsa, which fails to properly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload uses RSASSA-PKCS1-v1_5 (RFC 8017). This enables a remote attacker to perform a Bleichenbacher-like variati...

8.1CVSS6.3AI score0.0033EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago14 views

EUVD-2026-33432

golang.org/x/image/tiff has excessive resource consumption in PackBits decompression...

7.5CVSS5.8AI score0.00353EPSS
Exploits0References6
OSV
OSV
added 4 days ago4 views

DEBIAN-CVE-2026-58381

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.2AI score0.00118EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-58381

CVE-2026-58381 affects GIMP's PSP file format parser. A double-free in read_layer_block() when processing a specially crafted PSP file can cause memory corruption, potentially leading to denial of service or arbitrary code execution. The provided data includes a CVSSv3.1 vector (AV:L/AC:L/PR:L/UI...

6.1CVSS6.1AI score0.00118EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-58381

A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the readlayerblock function when processing a specially crafted PSP file. This could allow an attacker to cause memory corruption, potentially leading to denial of service or arbitrary code execution...

6.1CVSS6.1AI score0.00118EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 5 days ago5 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.8AI score0.00103EPSS
Exploits0References5
NVD
NVD
added 5 days ago5 views

CVE-2026-53466

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, an integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. This issue has been...

6.5CVSS0.0022EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago5 views

EUVD-2022-49113

Open Babel has out-of-bounds write in MSI translationVectors...

9.8CVSS6.8AI score0.00863EPSS
Exploits1References5
Rows per page
Query Builder