Lucene search
K

1674 matches found

Vulnrichment
Vulnrichment
added 2026/03/03 2:32 p.m.4 views

CVE-2026-22891

A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch db9a9a63. A specially crafted Intan CLP file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerabilit...

9.8CVSS6.3AI score0.00589EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.7 views

PT-2026-22739

A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch db9a9a63. A specially crafted .wft file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.1CVSS6.3AI score0.00511EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/02 9:47 p.m.8 views

Directory Traversal

Overview openchatbi is an OpenChatBI - Natural language business intelligence powered by LLMs for intuitive data analysis and SQL generation Affected versions of this package are vulnerable to Directory Traversal via insufficient sanitization of the fileformat parameter in the savereport tool. An...

9.8CVSS6.5AI score0.00443EPSS
Exploits0References2
OSV
OSV
added 2026/03/02 9:47 p.m.7 views

GHSA-VMWQ-8G8C-JM79 OpenChatBI has a Path Traversal Vulnerability in save_report Tool

Impact The savereport tool in openchatbi/tool/savereport.py suffers from a critical path traversal vulnerability due to insufficient input sanitization of the fileformat parameter. The function only removes leading dots of fileformat using fileformat.lstrip"." but allows path traversal sequences...

8.7CVSS6.2AI score0.00443EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/02 9:47 p.m.11 views

OpenChatBI has a Path Traversal Vulnerability in save_report Tool

Impact The savereport tool in openchatbi/tool/savereport.py suffers from a critical path traversal vulnerability due to insufficient input sanitization of the fileformat parameter. The function only removes leading dots of fileformat using fileformat.lstrip"." but allows path traversal sequences...

9.8CVSS6.2AI score0.00443EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.11 views

PT-2026-23001

Name of the Vulnerable Software and Affected Versions OpenChatBI versions prior to 0.2.2 Description OpenChatBI is a chat-based BI tool that allows users to query and analyze data using natural language. The save report tool within the openchatbi/tool/save report.py component is susceptible to a...

9.8CVSS6AI score0.00443EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.9 views

psd-tools 安全漏洞

psd-tools is an open-source Python package designed for reading Adobe Photoshop PSD files. Versions of psd-tools prior to 1.12.2 contained security vulnerabilities. These vulnerabilities occurred due to the lack of handling of ValueError exceptions when processing PSD files containing...

9.1CVSS5.8AI score0.0041EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/02/24 12:29 a.m.4 views

CVE-2026-24481

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD Adobe Photoshop format handler. When processing a maliciously crafted PSD file containin...

7.5CVSS5.5AI score0.00348EPSS
Exploits0
OSV
OSV
added 2026/02/20 11:16 p.m.3 views

UBUNTU-CVE-2026-2047

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS6.2AI score0.0062EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/02/20 11:16 p.m.6 views

CVE-2026-2047

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS7.4AI score0.0062EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/20 10:10 p.m.3 views

CVE-2026-0797 GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.8AI score0.01157EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.9 views

GIMP 安全漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability that stems from the improper validation of data length during the parsing of ICO files. This issue occurs when data provided by users is copied into a heap-based buffer without proper validati...

7.8CVSS7.6AI score0.01157EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/19 4:32 a.m.3 views

CVE-2026-2704 Open Babel CIF File transform3d.cpp DescribeAsString out-of-bounds

A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the...

5.3CVSS5.4AI score0.00759EPSS
Exploits1References7
CVE
CVE
added 2026/02/19 4:32 a.m.24 views

CVE-2026-2704

Open Babel (up to 3.1.1) contains a vulnerability in CIF File Handler, specifically OpenBabel::transform3d::DescribeAsString in src/math/transform3d.cpp, causing an out-of-bounds read. The issue can be triggered remotely and has public exploit/public disclosure. A patch exists (identifier: e23a22...

8.1CVSS5.2AI score0.00759EPSS
Exploits1References9Affected Software1
Packet Storm
Packet Storm
added 2026/02/13 12:0 a.m.426 views

📄 OpenSSL 3.x PKCS#12 PBMAC1 KeyLength Buffer Overflow

This proof of concept demonstrates a buffer overflow vulnerability in OpenSSL versions 3.4 to 3.6 related to improper handling of the PBMAC1 keyLength parameter in PKCS12 files. By crafting a malicious PKCS12 structure with an excessively large keyLength value, the proof of concept triggers a...

9.8CVSS6.4AI score0.47621EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/02/09 12:0 a.m.198 views

📄 Samsung QuramDng Warp Out-Of-Bounds Read

This python proof of concept demonstrates an out-of-bounds read vulnerability in Samsung's QuramDng image processing library, triggered via a specially crafted DNG Digital Negative file. The script programmatically builds a minimal but valid DNG file containing a malformed WarpRectilinear opcode,...

9.1CVSS5.5AI score0.00393EPSS
Exploits2
OSV
OSV
added 2026/01/30 2:5 p.m.10 views

CLEANSTART-2026-LA13761 vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device

Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. See references for individual vulnerability details...

9.8CVSS5.8AI score0.84841EPSS
Exploits16References73
Packet Storm
Packet Storm
added 2026/01/29 12:0 a.m.208 views

📄 Samsung libimagecodec.quram.so Buffer Overflow / Denial of Service

This proof of concept demonstrates a denial of service vulnerability in Samsung's libimagecodec.quram.so JPEG decoder. By crafting a structurally valid JPEG file with maliciously large image dimensions height 65535, width 2862 in the SOF0 marker, the decoder performs unsafe size calculations duri...

7.5CVSS5.9AI score0.00223EPSS
Exploits1
EUVD
EUVD
added 2026/01/27 4:1 p.m.10 views

EUVD-2025-206393

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex...

6.2AI score0.00844EPSS
Exploits1References6
OSV
OSV
added 2026/01/11 5:15 p.m.3 views

OPENSUSE-SU-2026:20022-1 Security update for matio

This update for matio fixes the following issues: - update to version 1.5.29: Fix printing rank-1-variable in MatVarPrint Fix array index out of bounds in MatVarPrint when printing UTF-8 character data boo1239678, CVE-2025-2337 Fix heap-based buffer overflow in strdupvprintf boo1239677,...

8.1CVSS6.8AI score0.00534EPSS
Exploits2References4
Rows per page
Query Builder