Lucene search
+L

63 matches found

vulnrichment
vulnrichment
added 2 days ago3 views

CVE-2026-50347 Windows Data.dll Remote Code Execution Vulnerability

...

7.8CVSS6.1AI score0.00444EPSS
Exploits0References1
cve
cve
added 2 days ago7 views

CVE-2026-50347

CVE-2026-50347 is a Windows Data.dll vulnerability characterized by a heap-based buffer overflow that allows an unauthorized, local attacker to execute code. The affected component is Windows Data.dll; the underlying issue is a heap overflow leading to remote-code-execution-style impact via local...

7.8CVSS6.2AI score0.00444EPSS
Exploits0References1
nessus
nessus
added 2026/06/13 12:0 a.m.74 views

Linux Distros Unpatched Vulnerability : CVE-2026-12143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to FormDataappend and the filename optio...

8.7CVSS6AI score0.00409EPSS
Exploits0References3
debiancve
debiancve
added 2026/06/12 6:1 p.m.8 views

CVE-2026-12143

form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to FormDataappend and the filename option are concatenated verbatim into the Content-Disposition header without escaping carriage return CR, line feed LF, or double-quote "...

8.7CVSS5.4AI score0.00409EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/06/12 12:0 a.m.23 views

PT-2026-48950

Name of the Vulnerable Software and Affected Versions form-data versions prior to 2.5.6 form-data versions prior to 3.0.5 form-data versions prior to 4.0.6 Description The field argument to FormDataappend and the filename option are concatenated verbatim into the Content-Disposition header withou...

8.7CVSS5.2AI score0.00409EPSS
Exploits0References32
cgr
cgr
added 2026/06/08 7:18 p.m.13 views

CVE-2026-8087 vulnerabilities

Vulnerabilities for packages: gdal...

7.8CVSS5.8AI score0.00223EPSS
Exploits1
cvelist
cvelist
added 2026/05/27 1:39 a.m.36 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS0.00102EPSS
Exploits0References1
cve
cve
added 2026/05/27 1:39 a.m.32 views

CVE-2026-49014

CVE-2026-49014 affects GDAL versions 3.1.0–3.13.0 via the netCDF driver. The vulnerability resides in scanForGeometryContainers (frmts/netcdf/netcdfsg.cpp), where a geometry attribute is read into a fixed-size stack buffer without validating its length, allowing a stack-based buffer overflow that...

7.8CVSS6.7AI score0.00102EPSS
Exploits0References1Affected Software1
debiancve
debiancve
added 2026/05/27 1:39 a.m.16 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.7AI score0.00102EPSS
Exploits0
osv
osv
added 2026/05/27 1:39 a.m.2 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS6.9AI score0.00102EPSS
Exploits0References3
astralinux
astralinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Gdal

In GDAL version 3.0.1 and later, there is a double-free in the poolDestroy function within OGRExpatRealloc in the ogr/ogrexpat.cpp file, which occurs when the 10MB threshold is exceeded...

9.8CVSS8.2AI score0.02577EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in node-form-data

The use of insufficiently random values in form-data allows for HTTP Parameter Pollution HPP. This vulnerability is associated with the program file lib/formdata.Js. This issue affects form-data versions: 2.5.4, 3.0.0 – 3.0.3, 4.0.0 – 4.0.3...

9.4CVSS6.4AI score0.01735EPSS
Exploits1References1
nvd
nvd
added 2026/05/09 11:16 p.m.65 views

CVE-2026-8212

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be...

5.5CVSS0.00205EPSS
Exploits1References8
pypa
pypa
added 2026/05/09 11:16 p.m.22 views

PYSEC-2026-4

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be...

5.5CVSS5.8AI score0.00205EPSS
Exploits1References9
osv
osv
added 2026/05/09 11:16 p.m.8 views

DEBIAN-CVE-2026-8212

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be...

5.5CVSS5.8AI score0.00205EPSS
Exploits1References1
osv
osv
added 2026/05/09 11:16 p.m.9 views

UBUNTU-CVE-2026-8212

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be...

5.5CVSS5.8AI score0.00205EPSS
Exploits1References10
osv
osv
added 2026/05/09 11:0 p.m.3 views

CVE-2026-8213 OSGeo gdal Grid File GDapi.c GDSDfldsrch heap-based overflow

A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit h...

4.8CVSS5.4AI score0.00258EPSS
Exploits1References10
redhatcve
redhatcve
added 2026/05/09 2:21 a.m.9 views

CVE-2026-8084

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...

5.5CVSS5.4AI score0.00264EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/05/09 2:21 a.m.7 views

CVE-2026-8088

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the...

5.5CVSS5.4AI score0.00246EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/05/09 12:0 a.m.26 views

PT-2026-39424

Name of the Vulnerable Software and Affected Versions OSGeo gdal versions prior to 3.13.0RC1 Description A heap-based buffer overflow exists in the SWSDfldsrch function within the frmts/hdf4/hdf-eos/SWapi.c file. This issue can be triggered through local access by executing a manipulation...

5.5CVSS6.2AI score0.00205EPSS
Exploits1References19
Rows per page
Query Builder