Lucene search
+L

117 matches found

osv
osv
added 2026/07/07 7:43 p.m.7 views

CVE-2026-58469 GNU Wget 1.25.0 Heap Buffer Underread via Metalink URL Parsing

GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the cleanmetalinkstring function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cau...

8.7CVSS6.2AI score0.00351EPSS
Exploits0References5
rocky
rocky
added 2026/07/05 12:5 p.m.9 views

coreutils security update

An update is available for coreutils. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The coreutils packages contain the GNU Core Utilities and represent a...

4.4CVSS6AI score0.00224EPSS
Exploits0
redhat
redhat
added 2026/06/29 3:32 p.m.7 views

Moderate: Red Hat Security Advisory: coreutils security update

An update for coreutils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.4CVSS5.8AI score0.00224EPSS
Exploits0References2
osv
osv
added 2026/05/22 1:18 p.m.8 views

OESA-2026-2410 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

9.8CVSS5.9AI score0.00502EPSS
Exploits2References3
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in htmldoc

A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...

5.5CVSS5.7AI score0.00871EPSS
Exploits1References1
osv
osv
added 2026/05/06 2:45 p.m.9 views

BIT-JAVA-MIN-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

7.5CVSS6.8AI score0.00559EPSS
Exploits1References3
nessus
nessus
added 2026/04/21 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-5928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character...

7.5CVSS6AI score0.00369EPSS
Exploits1References4
euvd
euvd
added 2026/04/20 9:31 p.m.12 views

EUVD-2026-23980

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

6AI score0.00369EPSS
Exploits1References2
nvd
nvd
added 2026/04/20 9:16 p.m.4 views

CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

7.5CVSS0.00369EPSS
Exploits1References2
debiancve
debiancve
added 2026/04/20 8:37 p.m.9 views

CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

7.5CVSS5.5AI score0.00369EPSS
Exploits1
attackerkb
attackerkb
added 2026/04/20 8:37 p.m.6 views

CVE-2026-5928

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

6AI score0.00369EPSS
Exploits1References2Affected Software1
cve
cve
added 2026/04/20 8:37 p.m.46 views

CVE-2026-5928

CVE-2026-5928 affects glibc’s ungetwc on FILE streams with wide characters where overlaps between single-byte and multi-byte encodings occur, in version 2.43 or earlier. A bug in the wide character pushback (_IO_wdefault_pbackfail) causes ungetwc() to operate on the regular input buffer (fp->_...

7.5CVSS6AI score0.00369EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2026/04/20 8:37 p.m.36 views

CVE-2026-5928 Potential buffer under-read in ungetwc

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

0.00369EPSS
Exploits1References1
osv
osv
added 2026/04/20 8:37 p.m.2 views

CVE-2026-5928 Potential buffer under-read in ungetwc

Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially...

7.5CVSS6.1AI score0.00369EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2026/04/20 12:0 a.m.20 views

PT-2026-33852

Name of the Vulnerable Software and Affected Versions gnu C Library versions prior to 2.44 Description Calling the ungetwc function on a FILE stream with wide characters encoded in a character set with overlaps between single byte and multi-byte character encodings can lead to an attempt to read...

9.8CVSS5.3AI score0.00502EPSS
Exploits2References35
redhat
redhat
added 2026/04/10 7:54 p.m.3 views

glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file()

A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...

3.7CVSS6AI score0.0037EPSS
Exploits0References5
nessus
nessus
added 2026/03/17 12:0 a.m.6 views

EulerOS Virtualization 2.12.1 : coreutils (EulerOS-SA-2026-1420)

According to the versions of the coreutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program ma...

4.4CVSS5.9AI score0.00224EPSS
Exploits0References2
nessus
nessus
added 2026/01/31 12:0 a.m.4 views

EulerOS Virtualization 2.10.0 : glib2 (EulerOS-SA-2026-1166)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an...

5.2CVSS6AI score0.00756EPSS
Exploits1References5
mageia
mageia
added 2026/01/28 10:42 p.m.63 views

Updated glib2.0 packages fix security vulnerabilities

Glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with gdatetimenewfromiso8601. CVE-2025-3360 Buffer under-read on glib through glib/gfileutils.c via gettmpfile. CVE-2025-7039 Integer overflow in gescapeuristring...

9.8CVSS7AI score0.00767EPSS
Exploits1References2
osv
osv
added 2026/01/28 10:42 p.m.5 views

MGASA-2026-0023 Updated glib2.0 packages fix security vulnerabilities

Glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with gdatetimenewfromiso8601. CVE-2025-3360 Buffer under-read on glib through glib/gfileutils.c via gettmpfile. CVE-2025-7039 Integer overflow in gescapeuristring...

9.8CVSS6.8AI score0.00767EPSS
Exploits1References3
Rows per page
Query Builder