Lucene search
K

3823 matches found

RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-38076

A flaw was found in jbig2dec. An integer overflow vulnerability in the jbig2arithiaidctxnew function allows a remote attacker to cause a Denial of Service DoS by providing a specially crafted input. This can lead to the affected system becoming unresponsive or crashing, disrupting its normal...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42767

An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS6AI score0.00432EPSS
Exploits0References4
NVD
NVD
added 5 days ago9 views

CVE-2026-38076

An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS0.00432EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-38076

An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...

0.00432EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-38076

An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS6AI score0.00432EPSS
Exploits0References4
CVE
CVE
added 5 days ago12 views

CVE-2026-38076

CVE-2026-38076 concerns an integer overflow in the Artifex jbig2dec code, specifically the function jbig2_arith_iaid_ctx_new() introduced in commit cc37d0. This overflow can be triggered by a crafted input to cause a Denial of Service (DoS) by making the affected system unresponsive or crash. The...

7.5CVSS6AI score0.00432EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/06 9:21 p.m.10 views

kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath

A flaw was found in the Linux kernel's CIFS Common Internet File System client. When the cifssanitizeprepath function processes specially crafted input, such as an empty string or a string containing only delimiters, it can attempt to read data beyond its allocated memory buffer. This out-of-boun...

8.8CVSS6.7AI score0.00352EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14401

Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 5:49 p.m.3 views

GHSA-RJ4C-R689-CM87 Open Babel has out-of-bounds write in ORCA nAtoms parser

Summary A memory-safety vulnerability in Open Babel's ORCA parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the nAtoms handling of the ORCA reader. A malformed input caused the parser to write past the end of its destination buffer. Impact Open Babe...

7.8CVSS7.1AI score0.00816EPSS
Exploits1References6
OSV
OSV
added 2026/07/01 5:48 p.m.2 views

GHSA-8QXC-57HF-HC9J Open Babel has uninitialized pointer dereference in PQS pFormat

Summary A memory-safety vulnerability in Open Babel's PQS parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the pFormat handling of the PQS reader. A malformed input caused the parser to dereference a format pointer that had never been...

7.8CVSS5.7AI score0.00843EPSS
Exploits1References6
OSV
OSV
added 2026/07/01 5:41 p.m.3 views

GHSA-55J6-RJHX-HWFH Open Babel has NULL pointer dereference in CACAO CacaoFormat::SetHilderbrandt

Summary A memory-safety vulnerability in Open Babel's CACAO parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in CacaoFormat::SetHilderbrandt. A malformed input caused the parser to dereference a NULL pointer while applying the Hilderbrandt...

5.5CVSS5.8AI score0.00188EPSS
Exploits1References9
OSV
OSV
added 2026/07/01 5:39 p.m.2 views

GHSA-8WQ6-QH76-WPV9 Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies

Summary A memory-safety vulnerability in Open Babel's ChemKin parser caused a heap buffer overflow when reading a crafted input file. Details The flaw was in ChemKinFormat::CheckSpecies. A malformed species record caused the parser to write past the end of a heap-allocated buffer. Impact Open Bab...

7.8CVSS6.5AI score0.00224EPSS
Exploits1References8
EUVD
EUVD
added 2026/07/01 5:21 p.m.6 views

EUVD-2026-41101

Improper Output Neutralization for Logs CWE-117 in Kibana can lead to log injection via Log Injection-Tampering-Forging CAPEC-93. An attacker can supply specially crafted input that is written to log files without proper neutralization. When the log files are subsequently viewed in a terminal tha...

8CVSS5.8AI score0.00201EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive...

8.7CVSS6.2AI score0.00361EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 6:47 p.m.4 views

GHSA-4W5W-4FHM-Q483 Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge

Summary A memory-safety vulnerability in Open Babel's MOL2 file format parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in OBAtom::SetFormalCharge as called from the MOL2 parser. A malformed atom record caused the parser to call the method on a NULL...

5.5CVSS6.1AI score0.007EPSS
Exploits1References10
OSV
OSV
added 2026/06/30 10:16 a.m.11 views

UBUNTU-CVE-2026-13149

brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...

8.7CVSS5.7AI score0.00361EPSS
Exploits0References4
NVD
NVD
added 2026/06/30 9:16 a.m.11 views

CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS0.00304EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 9:16 a.m.3 views

UBUNTU-CVE-2026-45822

decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 9:15 a.m.3 views

SUSE-SU-2026:2697-1 Security update for opensc

This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...

7.8CVSS6.2AI score0.00296EPSS
Exploits2References13
OSV
OSV
added 2026/06/30 9:4 a.m.4 views

SUSE-SU-2026:2693-1 Security update for podman

This update for podman fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. - CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:...

9.1CVSS6.7AI score0.00651EPSS
Exploits0References8
Rows per page
Query Builder