Lucene search
K

2482 matches found

Cvelist
Cvelist
added last week29 views

CVE-2026-42958 Use After Free in Labcenter Proteus

The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process...

8.4CVSS0.00128EPSS
Exploits0References1
CVE
CVE
added last week9 views

CVE-2026-42958

CVE-2026-42958 affects Labcenter Proteus. A use-after-free vulnerability is triggered while parsing specially crafted files, leading to memory corruption and potentially arbitrary code execution in the context of the current process. The available data indicate local access with low complexity an...

8.4CVSS6.3AI score0.00128EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week8 views

CVE-2026-42958

The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process...

8.4CVSS6.3AI score0.00128EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.4 views

PT-2026-56270

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A use-after-free issue occurs during the parsing of specially crafted files, which can lead to memory corruption. This flaw may allow an attacker to execute...

8.4CVSS6.3AI score0.00128EPSS
Exploits0References4
Snyk
Snyk
added 2026/07/06 8:42 p.m.4 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the GdImageFile.open process. An attacker can cause excessive memory allocation by supplying a crafted .gd file that bypasses decompression bomb checks. Remediation Upgrade pillow to versio...

8.7CVSS6AI score0.00361EPSS
Exploits1References2
NVD
NVD
added 2026/07/06 7:17 p.m.8 views

CVE-2026-9182

Esri ArcGIS Server contains an unrestricted file upload vulnerability. An unauthenticated attacker could exploit this issue by uploading a crafted file to the affected endpoint. Successful exploitation could allow arbitrary file upload, potentially allowing for other attacks. This issue impacts a...

9.8CVSS0.00352EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 6:50 p.m.6 views

CVE-2026-55380

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS6AI score0.00361EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/07/06 6:50 p.m.18 views

CVE-2026-55380

Pillow (Python imaging library) vulnerability: Prior to 12.3.0, in GdImageFile._open(), image dimensions were read from the GD 2.x header and stored in self._size without invoking Image._decompression_bomb_check(), allowing a crafted .gd file to trigger excessive C-heap allocation. Impact: potent...

7.5CVSS6AI score0.00361EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/07/06 3:10 p.m.5 views

CVE-2026-55180

A flaw was found in pnpm and pacquet. A malicious repository could exploit this vulnerability by crafting specific .npmrc or pnpm-workspace.yaml files. When these package managers process these files, they improperly expand environment variable placeholders, leading to the disclosure of sensitive...

6.5CVSS5.8AI score0.00212EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.7 views

PT-2026-55968

Name of the Vulnerable Software and Affected Versions ArcGIS Server versions prior to 12.0 Description An unrestricted file upload issue exists where an unauthenticated attacker can upload a crafted file to the affected endpoint. This could allow for arbitrary file upload, potentially enabling...

9.8CVSS6.2AI score0.00352EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/03 4:16 p.m.8 views

CVE-2026-20213

A flaw was found in ClamAV. An unauthenticated, remote attacker could exploit this vulnerability by submitting a specially crafted file containing Portable Executable PE content for scanning. This is due to improper boundary checks during the scanning process, which may lead to an out-of-bounds...

7.5CVSS6AI score0.00463EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/03 2:40 p.m.7 views

CVE-2026-20243

A flaw was found in ClamAV's ALZ file format parser. An unauthenticated, remote attacker can exploit this vulnerability by submitting a specially crafted ALZ Archived Link Zipped file for scanning. This improper handling of ALZ files can lead to memory corruption, causing the ClamAV scanning...

7.5CVSS5.9AI score0.00389EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/03 6:17 a.m.8 views

CVE-2026-20216

A flaw was found in ClamAV's InstallShield file format parser. An unauthenticated, remote attacker could exploit this vulnerability by submitting a specially crafted InstallShield file for scanning. This improper handling of temporary resources during file scanning could lead to the termination o...

7.5CVSS6AI score0.00389EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/07/03 3:26 a.m.7 views

SUSE CVE-2026-20214

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG...

7.5CVSS7.3AI score0.00463EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/07/03 3:25 a.m.7 views

SUSE CVE-2026-20243

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS7.3AI score0.00389EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 5:46 p.m.4 views

EUVD-2022-46468

Open Babel has out-of-bounds write in PQS coordfile parser...

9.8CVSS6.8AI score0.00843EPSS
Exploits1References5
OSV
OSV
added 2026/07/01 5:16 p.m.3 views

DEBIAN-CVE-2026-20213

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...

7.5CVSS6AI score0.00463EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 5:16 p.m.6 views

CVE-2026-20213

A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in PE file...

7.5CVSS0.00463EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 5:16 p.m.6 views

CVE-2026-20214

A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in FSG...

7.5CVSS0.00463EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:28 p.m.6 views

CVE-2026-20217

A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in...

7.5CVSS6AI score0.00389EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder