Lucene search
K

1707 matches found

NVD
NVD
added 2026/06/01 3:16 p.m.12 views

CVE-2025-60495

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

5.5CVSS0.00133EPSS
Exploits0References5
OSV
OSV
added 2026/06/01 3:16 p.m.9 views

UBUNTU-CVE-2025-60495

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/01 1:54 p.m.26 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS5.8AI score0.00805EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/06/01 12:0 a.m.9 views

CVE-2025-60495

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

5.8AI score0.00133EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/01 12:0 a.m.11 views

EUVD-2025-210007

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.30 views

CVE-2025-60495

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

0.00133EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.15 views

PT-2026-45419

A segmentation violation in the gf media get color info function /media tools/isom tools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

5.8AI score0.00133EPSS
Exploits0References5
CVE
CVE
added 2026/06/01 12:0 a.m.24 views

CVE-2025-60495

CVE-2025-60495 describes a segmentation violation in the gf_media_get_color_info function (located in /media_tools/isom_tools.c) of the GPAC Project/MP4Box tool, vulnerable when using versions before 26.02.0. Successful exploitation via a crafted data file can cause a Denial of Service (DoS). The...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/01 12:0 a.m.32 views

CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

0.00143EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/01 12:0 a.m.9 views

CVE-2025-60495

A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...

5.5CVSS5.8AI score0.00133EPSS
Exploits0
Snyk
Snyk
added 2026/05/29 9:14 p.m.11 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the decoding process. An attacker can cause application crashes or bypass memory allocation limits by supplying specially crafted Avro data that exploits integer arithmetic errors during decoding...

8.7CVSS5.8AI score0.00397EPSS
Exploits0References2
Redos
Redos
added 2026/05/29 12:0 a.m.13 views

ROS-20260529-73-0025

The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...

9.9CVSS6.3AI score0.00856EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:20 p.m.14 views

CVE-2026-47761

TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability in the media plugin. Attackers can inject malicious scripts via crafted data-mce- attributes, which are executed when content is rendered. Impacts users of TinyMCE with the media...

8.7CVSS5.8AI score0.00264EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/26 5:16 p.m.9 views

UBUNTU-CVE-2026-48864

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...

7.8CVSS5.9AI score0.00205EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/20 8:11 p.m.11 views

EUVD-2026-31193

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data...

9.3CVSS6.3AI score0.01333EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 8:11 p.m.32 views

CVE-2026-8631 HP Linux Imaging and Printing Software – Potential Escalation of Privilege and Arbitrary Code Execution

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data...

9.3CVSS0.01333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/20 7:57 a.m.9 views

CVE-2026-26978

FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX extracts selected...

8.6CVSS5.8AI score0.00896EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libvirt

A “off-by-one” error flaw was discovered in the udevListInterfacesByStatus function in libvirt, where the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a...

5.5CVSS6.5AI score0.00398EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in netcdf

A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmldecode performs incorrect memory handling during the parsing of crafted XML files, resulting in a heap out-of-bounds read...

6.5CVSS6.4AI score0.00937EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/19 4:26 p.m.12 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
Rows per page
Query Builder