Lucene search
K

84 matches found

OSV
OSV
added 2026/06/28 2:16 a.m.4 views

UBUNTU-CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References7
OSV
OSV
added 2026/06/28 1:32 a.m.4 views

CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS7.2AI score0.00333EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/06/24 12:1 p.m.8 views

libpq security update

An update is available for libpq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpq package provides the PostgreSQL client library, which allows client...

8.8CVSS5.9AI score0.00668EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51028

Name of the Vulnerable Software and Affected Versions libde265 versions prior to 1.1.0 Description An open source implementation of the h.265 video codec contains a signed integer overflow in the de265 image get buffer function. This occurs when processing a crafted H.265 bitstream with 16-bit bi...

7.1CVSS5.9AI score0.00227EPSS
Exploits1References9
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A issue was discovered in the drivers/usb/storage/eneub6250.c file for the ENE UB6250 reader driver within the Linux kernel, prior to version 6.2.5. An object could potentially extend beyond the end of an allocation...

5.5CVSS6.4AI score0.00282EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

SUSE SLED15 / SLES15 Security Update : postgresql17 (SUSE-SU-2026:1943-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1943-1 advisory. This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: -...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References33
OSV
OSV
added 2026/05/18 7:47 a.m.5 views

SUSE-SU-2026:1944-1 Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard agains...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References24
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.14 views

libsixel 安全漏洞

Libsixel is a software package developed by Hayaki Saito, which provides encoding/decoding implementations for DEC SIXEL graphics and other conversion programs. Versions of Libsixel 1.8.7-r1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a signed integer overfl...

7.8CVSS6.2AI score0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 2:45 p.m.4 views

BIT-JAVA-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

9.8CVSS7.4AI score0.01344EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-38023

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux parse theora extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...

9.8CVSS7.5AI score0.01344EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/04/21 12:16 p.m.7 views

SUSE CVE-2026-41445

KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kissfftndralloc function in kissfftndr.c where the allocation size calculation dimOtherdimReal+2sizeofkissfftscalar overflows signed 32-bit integer arithmetic before being widened to sizet, causing malloc to allocate ...

8.8CVSS6AI score0.00288EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.5 views

PT-2026-33804

Name of the Vulnerable Software and Affected Versions KissFFT versions prior to commit 8a8e66e Description An integer overflow occurs in the kiss fftndr alloc function within kiss fftndr.c. The allocation size calculation dimOtherdimReal+2sizeofkiss fft scalar overflows signed 32-bit integer...

8.8CVSS6AI score0.00288EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2026/03/30 8:16 a.m.8 views

CVE-2026-5121

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for...

9.8CVSS6.5AI score0.01073EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/26 8:0 p.m.24 views

CVE-2026-2271 Gimp: gimp: denial of service via crafted psp image file

A flaw was found in GIMP's PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...

3.3CVSS0.00494EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/02/24 6:35 a.m.7 views

CVE-2026-25794

A flaw was found in ImageMagick. When processing images with large dimensions, the WriteUHDRImage function in coders/uhdr.c uses integer arithmetic that can overflow. This overflow leads to an undersized memory allocation, followed by an out-of-bounds write. A remote attacker could exploit this...

8.2CVSS6AI score0.0042EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/24 12:0 a.m.7 views

CVE-2026-25794

ImageMagick is free and open-source software used for editing and manipulating digital images. WriteUHDRImage in coders/uhdr.c uses int arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-bit int, causing an...

8.2CVSS6AI score0.0042EPSS
Exploits0References3
OSV
OSV
added 2026/02/20 4:11 p.m.3 views

SUSE-SU-2026:20587-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

8.8CVSS6.4AI score0.01208EPSS
Exploits3References13
OSV
OSV
added 2026/01/29 10:55 a.m.4 views

OPENSUSE-SU-2026:20130-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Security fixes: - CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts bsc1253332 - CVE-2025-12818...

5.9CVSS6.2AI score0.00332EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ptp: Added an upper bound on maxvclocks. The syzbot report indicated a WARNING regarding maxvclocksstore. This issue occurs when the argument max is too large for kcalloc to handle. The protection mechanism has been extended to...

5.9AI score0.00194EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.3 views

Astra Linux – Vulnerability in libde265

The Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service by exceeding the maximum allocated size of 0x10000000000...

3.3CVSS6.1AI score0.00232EPSS
Exploits0References3
Rows per page
Query Builder