Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/04/14 7:23 p.m.6 views

CVE-2026-5445

An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

9.1CVSS7.2AI score0.00666EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/09 3:35 p.m.7 views

EUVD-2026-20926

An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

5.9AI score0.00666EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/09 3:16 p.m.3 views

CVE-2026-5445

An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

9.1CVSS5.8AI score0.00666EPSS
Exploits0References4
OSV
OSV
added 2026/04/09 3:16 p.m.6 views

UBUNTU-CVE-2026-5445

An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...

9.1CVSS5.8AI score0.00666EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.12 views

PT-2026-31634

Name of the Vulnerable Software and Affected Versions DicomImageDecoder affected versions not specified Description An out-of-bounds read issue exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic for PALETTE COLOR images does not validate pixel...

5.8AI score0.00666EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/05/28 12:0 a.m.5 views

TeleMessage 安全漏洞

TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier, which stems from the heap content of a JSP application containing a password sent over HTTP...

4CVSS9.3AI score0.00366EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/11/04 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2795)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.16212EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2024/10/09 12:0 a.m.11 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2575)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.6AI score0.16212EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/07/31 12:0 a.m.2 views

curl 安全漏洞

curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl, which stems from the fact that given a syntactically incorrect field, the contents of the heap may be returned to the application or cause a crash...

6.5CVSS6.8AI score0.16212EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2024/07/31 12:0 a.m.349 views

CVE-2024-7264

libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...

6.5CVSS6.9AI score0.16212EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/02/21 8:55 a.m.3 views

ruby: BasicSocket#read_nonblock method leads to information disclosure

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...

5.3CVSS7.5AI score0.02564EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/10/04 12:0 a.m.6 views

Redis Labs Redis 输入验证错误漏洞

Redis Labs Redis is an open source, network-enabled, memory-based, persistent logging, key-value Key-Value storage database written in ANSI C with a multilingual API from Redis Labs, Inc. An input validation error vulnerability exists in Redis, which could expose arbitrary contents of the heap or...

7.5CVSS7.1AI score0.03839EPSS
Exploits0References33
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.4 views

An issue was discovered in Ruby 2.5.x through 2.5.7 2.6.x through 2.6.5 and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size buffer exception: false) the method resizes the buffer to fit the requested size but no data is copied. Thus the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.

...

5.3CVSS7AI score0.02564EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2014/10/09 1:9 p.m.36 views

xen: security and bugfix update (important)

XEN was updated to fix security issues and bugs. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-7155:...

8.3CVSS1.1AI score0.04554EPSS
Exploits0References14
Rows per page
Query Builder