3761 matches found

CVE
added 7 hours ago | 6 views

CVE-2026-12244

NSD (the DNS server) is affected when configured as a secondary for a zone. A primary can crash NSD by sending an AXFR containing a DNS message with a specially crafted SVCB RR whose rdata size is 65512, which causes an (uint16_t) length to overflow while allocating space for the RR wrap (total s...

8.7 CVSS | 5.9 AI score
Exploits: 0 | References: 1
CVE
added yesterday | 4 views

CVE-2025-60474

GPAC MP4Box is affected by a buffer overflow in gf_media_import (in /media_tools/av_parsers.c) prior to version 26.02.0, enabling DoS via crafted input. Affected component is GPAC Project/MP4Box; remediation is to upgrade to 26.02.0 or later. Exploitation details are not provided in the available...

6.1 AI score
Exploits: 0 | References: 5
Positive Technologies
added yesterday | 4 views

PT-2026-52133

Name of the Vulnerable Software and Affected Versions: GPAC Project/MP4Box versions prior to 26.02.0. Description: A buffer overflow exists in the gf_media_import function located in /media_tools/av_parsers.c. This flaw allows attackers to trigger a Denial of Service (DoS) by providing a specially...

6.2 AI score
Exploits: 0 | References: 7
RedHat Linux
added 3 days ago | 6 views

libexpat: denial of service via crafted XML input

A flaw was found in libexpat. When processing a specially crafted XML input containing a specific pattern of attributes, the parsing time increases quadratically due to checks for attribute name collisions. This consumes excessive CPU resources and eventually results in a denial of service...

7.5 CVSS | 5.8 AI score | 0.00311 EPSS
Exploits: 1 | References: 5
AstraLinux
added 6 days ago | 4 views

Astra Linux – Vulnerability in openjpeg2

There is a flaw in OpenJPEG’s T2 encoder in versions prior to 2.4.0. An attacker who can provide crafted input for OpenJPEG to process may cause a null pointer dereference. The most significant impact of this flaw is to the availability of the application...

5.5 CVSS | 6.5 AI score | 0.01443 EPSS
Exploits: 0 | References: 2
AstraLinux
added 6 days ago | 4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: The issue of generating an order >= MAX_ORDER warning due to an intentionally crafted negative i_size has been fixed. As reported by syzbot [1], the root cause is that the i_size field is a signed type, and a negative i_size value...

5.5 CVSS | 6.2 AI score | 0.00146 EPSS
Exploits: 0 | References: 2
AstraLinux
added 6 days ago | 7 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream, if the library is used out of the box with...

8.5 CVSS | 7.8 AI score | 0.04494 EPSS
Exploits: 1 | References: 1
AstraLinux
added 6 days ago | 5 views

Astra Linux – Vulnerability in openimageio

There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...

8.1 CVSS | 9.1 AI score | 0.01922 EPSS
Exploits: 1 | References: 2
AstraLinux
added 6 days ago | 8 views

Astra Linux – Vulnerability in exiv2

There is a vulnerable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26, which can lead to a remote denial-of-service attack due to malicious input...

6.5 CVSS | 6.6 AI score | 0.02663 EPSS
Exploits: 0 | References: 2
AstraLinux
added 6 days ago | 7 views

Astra Linux – Vulnerability in imagemagick

In the IntensityCompare function in /magick/quantize.c, there are calls to PixelPacketIntensity, which may return overflowing values to the caller when ImageMagick processes a crafted input file. To address this issue, the patch introduces and utilizes the ConstrainPixelIntensity function. This...

4.3 CVSS | 6.5 AI score | 0.01124 EPSS
Exploits: 1 | References: 2
AstraLinux
added 6 days ago | 7 views

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. In affected versions, this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available, by manipulating the processed input stream with a Java runtime version 14 to 8. ...

8.5 CVSS | 7.1 AI score | 0.11468 EPSS
Exploits: 2 | References: 1
AstraLinux
added 6 days ago | 3 views

Astra Linux – Vulnerability in libde265

It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function located at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) attack through a crafted input file...

5.5 CVSS | 6.3 AI score | 0.00292 EPSS
Exploits: 1 | References: 2
AstraLinux
added 6 days ago | 4 views

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in OpenJPEG’s encoder. This flaw allows an attacker to provide specially crafted x,y offset inputs to OpenJPEG during encoding. The greatest threat of this vulnerability is to confidentiality, integrity, and system availability...

7.8 CVSS | 7 AI score | 0.01107 EPSS
Exploits: 0 | References: 1
AstraLinux
added 6 days ago | 4 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick, specifically in the code file coders/bmp.c. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned int. This likely leads to a disruption in the...

4.3 CVSS | 6.5 AI score | 0.01124 EPSS
Exploits: 1 | References: 2
AstraLinux
added 6 days ago | 4 views

Astra Linux – Vulnerability in openimageio

There is an information disclosure vulnerability in the DPXOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput object can lead to the leakage of heap data. An attacker can provide malicious input to trigger this vulnerability...

5.9 CVSS | 7.3 AI score | 0.01123 EPSS
Exploits: 1 | References: 2
AstraLinux
added 6 days ago | 11 views

Astra Linux – Vulnerability in openjpeg2

A flaw was discovered in OpenJPEG’s encoder, specifically in the opj_dwt_calc_explicit_stepsizes function. This flaw allows an attacker who can provide crafted inputs for the decomposition levels to cause a buffer overflow. The greatest threat of this vulnerability is to system availability...

5.5 CVSS | 7.3 AI score | 0.0161 EPSS
Exploits: 0 | References: 2
AstraLinux
added 6 days ago | 14 views

Astra Linux – Vulnerability in tar

A flaw was discovered in the src/list.c file of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The greatest threat posed by this vulnerability is to system availability...

4.3 CVSS | 6.3 AI score | 0.01092 EPSS
Exploits: 0 | References: 2
AstraLinux
added 6 days ago | 1 view

Astra Linux – Vulnerability in binutils

There is a flaw in binutils /opcodes/tic4x-dis.c. An attacker who can submit a crafted input file for processing by binutils could cause the use of uninitialized memory. The greatest threat is to the availability of the application, with a lower threat to data confidentiality. This flaw affects...

6.1 CVSS | 6.7 AI score | 0.01074 EPSS
Exploits: 1 | References: 2
Cvelist
added 2026/06/18 12:0 a.m. | 14 views

CVE-2026-38716

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a command injection vulnerability in the Python application export function. This vulnerability allows remote attackers to execute arbitrary commands as root via a crafted input...

0.01316 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2026/06/18 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-12528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI (Access Control Instruction) string can trigger...

5.4 CVSS | 5.9 AI score | 0.00231 EPSS
Exploits: 0 | References: 3