Lucene search
K

25 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in openimageio

There is an information disclosure vulnerability in the IFFOutput channel interleaving functionality of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to the leakage of heap data. An attacker can provide malicious input to trigger th...

5.9CVSS7.3AI score0.01132EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of EaNameLength in smb2getea, potentially leading to the leakage of...

7.5CVSS5.8AI score0.00415EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 3:16 p.m.4 views

DEBIAN-CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

7.1CVSS5.6AI score0.00136EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 3:16 p.m.6 views

CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

7.1CVSS6AI score0.00136EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/09 2:41 p.m.2 views

EUVD-2026-20897

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS6AI score0.00195EPSS
Exploits1References5
Talos
Talos
added 2025/12/16 12:0 a.m.5 views

Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2214 Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-48429 SUMMARY An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially...

9.1CVSS7.1AI score0.00294EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-18309

Malware in sbrugna...

6.5CVSS6.3AI score0.00936EPSS
Exploits1References5
OSV
OSV
added 2025/10/01 12:15 p.m.3 views

UBUNTU-CVE-2023-53456

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxxsetchapentry - qla4xxxifacesetparam - qla4xxxsysfsddbsetparam and each of them directly converts the nlattr to...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References12
OSV
OSV
added 2024/07/31 8:15 a.m.1 views

ALPINE-CVE-2024-7264

libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...

6.5CVSS7.3AI score0.16212EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2024/06/04 12:36 p.m.3 views

SUSE CVE-2023-3773

A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

5.5CVSS5.9AI score0.00237EPSS
Exploits0References3
OSV
OSV
added 2024/05/17 11:8 a.m.7 views

OESA-2024-1608 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the...

6.6CVSS6.8AI score0.00629EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

5.5CVSS6.6AI score0.00237EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/08/15 5:37 p.m.6 views

curl: use after free in SSH sha256 fingerprint check

A use-after-free flaw was found in the Curl package. This flaw risks inserting sensitive heap-based data into the error message that users might see or is otherwise leaked and revealed...

7.5CVSS7.3AI score0.02489EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/08/14 12:0 a.m.4 views

Google Wear OS Security Vulnerability

Google Wear OS is a Google-developed operating system from Google, Inc. that is specifically designed for use in smartwatches, smart bands, and other wearable devices. Google Wear OS suffers from a security vulnerability that stems from the presence of uninitialized data in multiple locations of...

7.5CVSS6.8AI score0.00338EPSS
Exploits0References2
OSV
OSV
added 2023/07/25 4:15 p.m.18 views

AZL-33496 CVE-2023-3773 affecting package hyperv-daemons for versions less than 5.15.158.1-1

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

4.4CVSS6.4AI score0.00237EPSS
Exploits0References1
OSV
OSV
added 2023/07/25 4:15 p.m.2 views

UBUNTU-CVE-2023-3773

A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

5.5CVSS6.5AI score0.00237EPSS
Exploits0References13
CNNVD
CNNVD
added 2023/07/23 12:0 a.m.3 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a 4-byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing...

5.5CVSS8.5AI score0.00237EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.2 views

SUSE CVE-2022-43596

An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability...

5.9CVSS7.2AI score0.01132EPSS
Exploits1References2
OSV
OSV
added 2022/12/22 10:15 p.m.3 views

UBUNTU-CVE-2022-43592

An information disclosure vulnerability exists in the DPXOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability...

5.9CVSS7.3AI score0.01123EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/10/26 12:0 a.m.30 views

SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2022:3718-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3718-1 advisory. - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request bsc1193237. - CVE-2016-9803: Fixed memor...

6.5CVSS6.9AI score0.02473EPSS
Exploits2References7
Rows per page
Query Builder