Lucene search
K

3760 matches found

CVE
CVE
added 2 hours ago3 views

CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.7CVSS5.9AI score
Exploits0References1
CVE
CVE
added yesterday4 views

CVE-2025-60474

GPAC MP4Box is affected by a buffer overflow in gf_media_import (in /media_tools/av_parsers.c) prior to version 26.02.0, enabling DoS via crafted input. Affected component is GPAC Project/MP4Box; remediation is to upgrade to 26.02.0 or later. Exploitation details are not provided in the available...

6.1AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 3 days ago6 views

libexpat: denial of service via crafted XML input

A flaw was found in libexpat. When processing a specially crafted XML input containing a specific pattern of attributes, the parsing time increases quadratically due to checks for attribute name collisions. This consumes excessive CPU resources and eventually results in a denial of service...

7.5CVSS5.8AI score0.00311EPSS
Exploits1References5
AstraLinux
AstraLinux
added 6 days ago4 views

Astra Linux – Vulnerability in openjpeg2

There is a flaw in OpenJPEG’s T2 encoder in versions prior to 2.4.0. An attacker who can provide crafted input for OpenJPEG to process may cause a null pointer dereferencing. The most significant impact of this flaw is the availability of the application...

5.5CVSS6.5AI score0.01443EPSS
Exploits0References2
AstraLinux
AstraLinux
added 6 days ago4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: The issue of generating a order = MAXORDER warning due to an intentionally crafted negative isize has been fixed. As reported by syzbot 1, the root cause is that the isize field is a signed type, and a negative isize value...

5.5CVSS6.2AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 6 days ago7 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream, if the library is used in versions outside the box with...

8.5CVSS7.8AI score0.04494EPSS
Exploits1References1
AstraLinux
AstraLinux
added 6 days ago5 views

Astra Linux – Vulnerability in openimageio

There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...

8.1CVSS9.1AI score0.01922EPSS
Exploits1References2
AstraLinux
AstraLinux
added 6 days ago8 views

Astra Linux – Vulnerability in exiv2

There is a vulnerable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26, which can lead to a remote denial-of-service attack due to malicious input...

6.5CVSS6.6AI score0.02663EPSS
Exploits0References2
AstraLinux
AstraLinux
added 6 days ago14 views

Astra Linux – Vulnerability in tar

A flaw was discovered in the src/list.c file of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The greatest threat posed by this vulnerability is to system availability...

4.3CVSS6.3AI score0.01092EPSS
Exploits0References2
AstraLinux
AstraLinux
added 6 days ago7 views

Astra Linux – Vulnerability in imagemagick

In the IntensityCompare function in /magick/quantize.c, there are calls to PixelPacketIntensity, which may return overflowing values to the caller when ImageMagick processes a crafted input file. To address this issue, the patch introduces and utilizes the ConstrainPixelIntensity function. This...

4.3CVSS6.5AI score0.01124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 6 days ago7 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available, by manipulating the processed input stream with a Java runtime version 14 to 8. ...

8.5CVSS7.1AI score0.11468EPSS
Exploits2References1
AstraLinux
AstraLinux
added 6 days ago3 views

Astra Linux – Vulnerability in libde265

It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the ffhevcputhevcepelpixels8sse function located at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...

5.5CVSS6.3AI score0.00292EPSS
Exploits1References2
AstraLinux
AstraLinux
added 6 days ago4 views

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in OpenJPEG’s encoder. This flaw allows an attacker to provide specially crafted x,y offset inputs to OpenJPEG during encoding. The greatest threat of this vulnerability is to confidentiality, integrity, and system availability...

7.8CVSS7AI score0.01107EPSS
Exploits0References1
AstraLinux
AstraLinux
added 6 days ago4 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick, specifically in the code file coders/bmp.c. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned int. This likely leads to a disruption in the...

4.3CVSS6.5AI score0.01124EPSS
Exploits1References2
AstraLinux
AstraLinux
added 6 days ago4 views

Astra Linux – Vulnerability in openimageio

There is an information disclosure vulnerability in the DPXOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput object can lead to the leakage of heap data. An attacker can provide malicious input to trigger this vulnerability...

5.9CVSS7.3AI score0.01123EPSS
Exploits1References2
AstraLinux
AstraLinux
added 6 days ago11 views

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in OpenJPEG’s encoder, specifically in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can provide crafted inputs for the decomposition levels to cause a buffer overflow. The greatest threat of this vulnerability is to system availability...

5.5CVSS7.3AI score0.0161EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 12:0 a.m.14 views

CVE-2026-38716

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a command injection vulnerability in the Python application export function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input...

0.01316EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger...

5.4CVSS5.9AI score0.00231EPSS
Exploits0References3
NVD
NVD
added 2026/06/15 8:16 p.m.7 views

CVE-2026-50874

An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input...

8.1CVSS0.01119EPSS
Exploits0References1
Mageia
Mageia
added 2026/06/12 11:28 p.m.12 views

Updated expat packages fix security vulnerabilities

CVE-2026-45186 the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input...

7.5CVSS5.2AI score0.00311EPSS
Exploits1References4
Rows per page
Query Builder