Lucene search
K

306 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in exiv2

In Exiv2 0.27.99.0, the PngImage::readMetadata function in the pngimage.cpp file allows attackers to cause a denial of service heap-based buffer over-read through a crafted image file...

6.5CVSS6.8AI score0.01116EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in libstb

stbimage.h also known as the stb image loader version 2.23 has a heap-based buffer overflow issue in stbitgaload, which can lead to information disclosure or denial of service...

9.1CVSS8.5AI score0.02796EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in gst-plugins-good1.0

In GStreamer through 1.26.1, the isomp4 plugin’s qtdemuxparsetrak function may read past the end of a heap buffer while parsing an MP4 file, potentially leading to information disclosure...

8.1CVSS6.7AI score0.00578EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/18 8:31 p.m.3 views

CVE-2026-45696 OpenEXR HTJ2K decoder heap buffer over-read in ht_undo_impl() (DoS)

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS5.9AI score0.00263EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/06/13 8:6 a.m.6 views

Heap Buffer Over-read in ASN.1 Content Parsing

...

7.5CVSS5.8AI score0.00513EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/12 2:26 a.m.7 views

SUSE CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.4AI score0.00122EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 9:26 p.m.8 views

CVE-2026-45359 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.5AI score0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/06/09 2:16 p.m.10 views

DEBIAN-CVE-2026-11787

A flaw was found in 389 Directory Server. The ldaputf8prev function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior...

6.3CVSS5.7AI score0.00177EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 1:2 p.m.34 views

CVE-2026-11787

The CVE-2026-11787 entry concerns 389 Directory Server (389-ds-base). A heap buffer over-read occurs in the ldap_utf8prev() function when reading bytes before the start of a buffer during string filter parsing (via str2simple), which may influence internal filter processing behavior. Documented i...

6.3CVSS5.7AI score0.00177EPSS
Exploits0References2Affected Software3
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.10 views

CVE-2026-43916

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS5.7AI score0.00263EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 1:33 p.m.12 views

OESA-2026-2463 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS5.9AI score0.01849EPSS
Exploits2References17
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.57 views

AlmaLinux 9 : httpd (ALSA-2026:21391)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21391 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due ...

9.8CVSS6.3AI score0.01325EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:21832-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21832-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the...

9.2CVSS9AI score0.61469EPSS
Exploits40References19
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-22 Vulnerability

The remote host has a version of ImageMagick installed that is prior to 6.9.13-48 or 7.x prior 7.1.2-22. It is, therefore, affected by a vulnerability. — An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation...

7.1CVSS6AI score0.00122EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/05/28 12:34 p.m.19 views

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...

9.2CVSS6.2AI score0.4581EPSS
Exploits18References44
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.17 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6.2CVSS6AI score0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.11 views

PT-2026-47117

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

5.7AI score
Exploits0References4
OSV
OSV
added 2026/05/22 1:17 p.m.15 views

OESA-2026-2388 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS5.9AI score0.01849EPSS
Exploits2References17
OSV
OSV
added 2026/05/22 1:14 p.m.10 views

GHSA-6GXQ-F64P-5W6F ImageMagick: Heap Buffer Over-Read in distributed pixel cache server

An attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process...

5.7CVSS5.9AI score0.00093EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/22 1:14 p.m.17 views

ImageMagick: Heap Buffer Over-Read in distributed pixel cache server

An attacker who can connect to a magick -distribute-cache service can cause a heap buffer over-read in the server process...

5.7CVSS5.9AI score0.00093EPSS
Exploits0References2Affected Software17
Rows per page
Query Builder