Lucene search
K

20 matches found

Vulnrichment
Vulnrichment
added 2026/03/05 1:35 a.m.6 views

CVE-2026-3257 UnQLite versions through 0.06 for Perl uses a potentially insecure version of the UnQLite library

UnQLite versions through 0.06 for Perl uses a potentially insecure version of the UnQLite library. UnQLite for Perl embeds the UnQLite library. Version 0.06 and earlier of the Perl module uses a version of the library from 2014 that may be vulnerable to a heap-based overflow...

6AI score0.00408EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/16 12:0 a.m.5 views

CVE-2025-62291

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

8.1CVSS6.8AI score0.00879EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 4: gimp (TSSA-2025:0601)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0601 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.3CVSS7.2AI score0.00191EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-5650

Malware in sbrugna...

5.5CVSS5.3AI score0.01344EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.8 views

UltraVNC < 1.2.2.4 Multiple Vulnerabilities

The version of UltraVNC Service installed on the remote Windows host is prior to 1.2.2.4. It is, therefore, affected by multiple vulnerabilities: - UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This...

9.8CVSS8.1AI score0.08263EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/08/14 10:23 p.m.14 views

User-defined implementations of the safe trait scratchpad::Tracking can cause heap buffer overflows

The get and set methods of the public trait scratchpad::Tracking interact with unsafe code regions in the crate, and they influence the computation of addresses returned as raw pointers. However, the trait itself is not marked as unsafe, meaning users may provide custom implementations under the...

7.8AI score
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-6505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirectionstable data within RSS becomes...

6.8CVSS6.6AI score0.0065EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.9 views

Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / crash / teckit / zlib (CVE-2022-37434)

The version of cloud-hypervisor-cvm / crash / teckit / zlib installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-37434 advisory. - zlib through 1.2.12 has a heap-based buffer over-read or buffer overfl...

9.8CVSS7.4AI score0.16004EPSS
Exploits1References2
NVD
NVD
added 2024/12/19 8:15 a.m.18 views

CVE-2020-12819

A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode i...

7.5CVSS0.0077EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.11 views

EulerOS 2.0 SP9 : curl (EulerOS-SA-2024-2825)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field,...

6.5CVSS7.2AI score0.17301EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2024/03/26 12:0 a.m.7 views

PT-2024-20432 · Eclipse · Eclipse Threadx Netx Duo

Name of the Vulnerable Software and Affected Versions: Eclipse ThreadX NetX Duo versions prior to 6.4.0 Description: The issue arises when an attacker can control parameters of the portable aligned alloc function, potentially causing an integer wrap-around and an allocation smaller than expected...

9.8CVSS7.4AI score0.00902EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2024/01/30 2:56 p.m.2 views

xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent

A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remo...

7.8CVSS6.6AI score0.0142EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/16 12:0 a.m.8 views

PT-2024-1121

Name of the Vulnerable Software and Affected Versions X.Org Server affected versions not specified Description A flaw was found in the X.Org server, specifically in the DeviceFocusEvent and XIQueryPointer functions, which can lead to a heap overflow. This issue is caused by the server allocating...

9.8CVSS6.8AI score0.02106EPSS
Exploits0References165
Positive Technologies
Positive Technologies
added 2023/02/09 12:0 a.m.5 views

PT-2023-6770 · Open Design Alliance · Open Design Alliance Drawings Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2023.6 Description: The issue is related to a heap-based buffer overflow in the DXF file reading procedure. This occurs due to the lack of proper validation of the length of user-supplied...

7.8CVSS7.7AI score0.00216EPSS
Exploits0References11
CVE
CVE
added 2021/09/09 7:36 a.m.58 views

CVE-2021-30295

CVE-2021-30295 describes a heap overflow in Qualcomm Snapdragon devices (Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Wearables) caused by improper validation of local task information stored locally. This is a local issue with high impact to confidentiality, inte...

8.4CVSS7.6AI score0.00162EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/02/10 12:0 a.m.8 views

Tencent WeChat Buffer Error Vulnerability

Tencent WeChat 微信 is an online social networking application from the Chinese company Tencent. The program supports sending voice messages, videos, images, and text. A buffer error vulnerability exists in Tencent WeChat that originates when a network system or product performs an operation in...

8.8CVSS7.6AI score0.02016EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/09/25 12:0 a.m.4 views

PT-2020-14272 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.3.1 Description: The RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor, specifically that the values in the splits tensor generate a valid partitioning ...

6.8CVSS5AI score0.00563EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2020/06/12 12:0 a.m.3 views

PT-2020-8507 · Adns +2 · Adns +2

Name of the Vulnerable Software and Affected Versions: adns versions prior to 1.5.2 Description: An issue was discovered in adns where it fails to ignore apparent answers before the first RR that was found the first time. This can cause adns to be confused by interleaving answers for the CNAME...

9.8CVSS8.2AI score0.03603EPSS
Exploits0References49
CNVD
CNVD
added 2019/12/23 12:0 a.m.2 views

Libspiro 'spiro_to_bpath0()' function buffer overflow vulnerability

Libspiro is a curve plotting library. A buffer overflow vulnerability exists in the 'spirotobpath0' function in the spiro.c file in Libspiro 20190731 and prior versions. The vulnerability stems from a networked system or product performing operations in memory without properly validating data...

8.1CVSS7.4AI score0.01365EPSS
Exploits1References1
OSV
OSV
added 2017/03/22 2:59 p.m.6 views

CVE-2014-9834

Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file...

7.8CVSS7.6AI score
Exploits0References4
Rows per page
Query Builder