Lucene search
+L

272 matches found

osv
osv
added 2026/05/06 11:27 a.m.2 views

CVE-2026-43129 ima: verify the previous kernel's IMA buffer lies in addressable RAM

In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM Patch series "Address page fault in imarestoremeasurementlist", v3. When the second-stage kernel is booted via kexec with a limiting command line such as "mem="...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.10 views

PT-2026-37612

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head page in rb meta validate events which is not initialized at the beginning of a function. This pointer can be dereferenced if there is a failur...

5.7AI score0.00115EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/04/22 8:15 a.m.5 views

CVE-2026-31433

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

5.8AI score0.006EPSS
Exploits0References8Affected Software1
osv
osv
added 2026/04/22 8:15 a.m.1 views

CVE-2026-31433 ksmbd: fix potencial OOB in get_file_all_info() for compound requests

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

8.8CVSS6.8AI score0.006EPSS
Exploits0References10
debiancve
debiancve
added 2026/04/21 6:4 p.m.4 views

CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

8.8CVSS5.8AI score0.00224EPSS
Exploits0
nvd
nvd
added 2026/04/18 12:16 a.m.4 views

CVE-2026-40335

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackDPV in camlibs/ptp2/ptp-pack.c lines 622–629. The UINT128 and INT128 cases advance offset += 16 without verifying that 16 bytes remain in the buffer. The entry check at li...

5.2CVSS0.00198EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/18 12:0 a.m.11 views

libgphoto2 安全漏洞

libgphoto2 is an open-source camera access and control library developed by gPhoto. Versions of libgphoto2 prior to 2.5.33 contained security vulnerabilities. These vulnerabilities stemmed from the ptpunpackSonyDPD function in the camlibs/ptp2/ptp-pack.c file, which did not validate the remaining...

5.2CVSS5.9AI score0.00198EPSS
Exploits0References1
nvd
nvd
added 2026/04/11 1:16 a.m.11 views

CVE-2026-5494

Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in...

7.8CVSS0.00284EPSS
Exploits0References1
cve
cve
added 2026/04/11 12:13 a.m.45 views

CVE-2026-5495

Labcenter Proteus PDSPRJ file parsing vulnerability (CVE-2026-5495) is an out-of-bounds write leading to remote code execution. Affected software: Labcenter Proteus; vulnerability resides in PDSPRJ file processing due to insufficient input validation, allowing code execution in the process contex...

7.8CVSS7.6AI score0.00265EPSS
Exploits0References1Affected Software1
euvd
euvd
added 2026/04/06 6:33 p.m.4 views

EUVD-2026-19327

Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...

7.8CVSS6AI score0.00113EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/06 3:33 p.m.4 views

CVE-2026-21371 Buffer Over-read in WinBlast Driver

Memory Corruption when retrieving output buffer with insufficient size validation...

7.8CVSS6AI score0.00096EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/04/06 12:0 a.m.8 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from insufficient buffer size validation when processing commands for auxiliary sensor input/output control, potentially leading t...

7.8CVSS5.9AI score0.00113EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/04/06 12:0 a.m.12 views

PT-2026-30644

Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...

7.8CVSS6AI score0.00113EPSS
Exploits0References2
nvd
nvd
added 2026/04/03 2:16 p.m.8 views

CVE-2026-23424

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Validate command buffer payload count The count field in the command header is used to determine the valid payload size. Verify that the valid payload does not exceed the remaining buffer space...

7.1CVSS0.00118EPSS
Exploits0References3
nvd
nvd
added 2026/03/16 2:19 p.m.5 views

CVE-2026-2922

GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS0.00431EPSS
Exploits0References11
osv
osv
added 2026/03/16 2:19 p.m.6 views

UBUNTU-CVE-2026-3086

GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS6.2AI score0.00421EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/02/27 12:0 a.m.10 views

PT-2026-22391

Name of the Vulnerable Software and Affected Versions pillow heif versions prior to 1.3.0 Description An integer overflow in the encode path buffer validation within pillow heif.c allows an attacker to bypass bounds checks by providing large image dimensions. This can lead to a heap out-of-bounds...

6.9CVSS6.1AI score0.00632EPSS
Exploits1References7
osv
osv
added 2026/02/26 8:53 a.m.5 views

BIT-VALKEY-2026-21863 Malformed Valkey Cluster bus message can lead to Remote DoS

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out bound read, which might result in the system crashing. The Valkey clusterbus packet processin...

7.5CVSS5.9AI score0.00552EPSS
Exploits0References9
cnnvd
cnnvd
added 2026/02/21 12:0 a.m.12 views

SAIL 安全漏洞

SAIL is an open-source image decoding library developed by SAIL. SAIL has a security vulnerability that stems from the XWD parser’s use of the bytesperline value. This value is read directly from the file and used as the reading size, but it is not compared with the actual size of the target...

9.8CVSS6AI score0.00397EPSS
Exploits1References1
nessus
nessus
added 2026/02/16 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2025-39787)

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...

5.5CVSS5.5AI score0.00148EPSS
Exploits0References2
Rows per page
Query Builder