Lucene search
K

106 matches found

Debian CVE
Debian CVE
added yesterday4 views

CVE-2026-13708

Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in ireadjpegwiol. ireadjpegwiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with iptcitext = mymalloc... and overwrites the previous...

7.5CVSS6.1AI score
Exploits0
CVE
CVE
added 2026/06/24 4:37 a.m.11 views

CVE-2026-9539

CVE-2026-9539 affects freedesktop.org libslirp (prior to v4.9.2) used on hypervisor host environments (e.g., QEMU). A vulnerability in the TCP urgent data handling (sosendoob) can cause an out-of-bounds heap read and integer underflow, enabling a privileged guest VM attacker (root or CAP_NET_RAW)...

6.5CVSS5.9AI score0.00106EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 7:53 p.m.7 views

EUVD-2026-38607

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00124EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/23 7:53 p.m.6 views

CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00124EPSS
Exploits0
NVD
NVD
added 2026/06/08 9:16 p.m.22 views

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS0.00309EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 9:16 p.m.7 views

ALPINE-CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS5.5AI score0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 7:59 p.m.37 views

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS0.00309EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 3:16 a.m.9 views

DEBIAN-CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

7.5CVSS5.9AI score0.0031EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

SUSE SLES16 Security Update : libarchive (SUSE-SU-2026:21831-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21831-1 advisory. This update for libarchive fixes the following issues - CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the...

9.8CVSS7.3AI score0.01073EPSS
Exploits0References13
EUVD
EUVD
added 2026/05/28 9:36 a.m.14 views

EUVD-2026-32794

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

5.8AI score0.00128EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-45994

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-32814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default,...

6.5CVSS5.9AI score0.00303EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/21 2:29 a.m.16 views

SUSE CVE-2026-32814

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

5.5CVSS5.7AI score0.00303EPSS
Exploits0References6
Snyk
Snyk
added 2026/05/19 9:51 p.m.13 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the decoding process of grid-based HEIF or AVIF images when a corrupted tile fails to decode and the library returns a success status, resulting in uninitialized heap memory being exposed as pixel data. ...

7.1CVSS5.8AI score0.00303EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 9:16 p.m.8 views

UBUNTU-CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

7.1CVSS5.8AI score0.00323EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/19 9:16 p.m.9 views

CVE-2026-32814

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

6.5CVSS5.7AI score0.00303EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/19 7:49 p.m.10 views

EUVD-2026-30980

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

6.5CVSS5.7AI score0.00303EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/19 7:49 p.m.12 views

CVE-2026-32814

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...

6.5CVSS5.7AI score0.00303EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/05/18 10:0 a.m.87 views

Exploit for Out-of-bounds Read in Php

CVE-2025-14177 — PHP getimagesize Heap Memory Leak Fo...

7.5CVSS7.1AI score0.00474EPSS
Exploits3
OSV
OSV
added 2026/05/14 7:20 p.m.8 views

CLSA-2026-1778493573 samba: Fix of CVE-2017-15275

CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...

7.5CVSS6.8AI score0.21408EPSS
Exploits0References1
Rows per page
Query Builder