Lucene search
K

915 matches found

CVE
CVE
added yesterday7 views

CVE-2026-15720

Open5GS up to version 2.7.7 is affected by a pre-authentication heap out-of-bounds read in the AMF NAS 5GS mobile-identity handler, which may cause subscriber-wide denial of service. The CVE entry consolidates this as CVE-2026-15720. The connected sources (NVD/NVD CVE records) confirm the vulnera...

8.6CVSS6.1AI score
Exploits0References1
NVD
NVD
added 2 days ago8 views

CVE-2026-57432

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

8.4CVSS0.00207EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-57432 Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

0.00207EPSS
Exploits0References2
CVE
CVE
added 2 days ago11 views

CVE-2026-57432

CVE-2026-57432 detail (supported by connected docs): Perl versions through 5.43.10 contain an integer overflow in the S_measure_struct function that sums item sizes (size × repeat) without overflow checks. A large repeat count in a pack or unpack template can wrap the signed SSize_t total negativ...

8.4CVSS6.2AI score0.00207EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2 days ago3 views

CVE-2026-57432 Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

8.4CVSS6.2AI score0.00207EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-57157

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled are vulnerable to an out-of-bounds heap read. A malicious RDP client can exploit this by manipulating the DeviceName a...

6.5CVSS6AI score0.00539EPSS
Exploits1References9
NVD
NVD
added 5 days ago5 views

CVE-2026-57157

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS0.00539EPSS
Exploits1References6
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-43006

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score0.00539EPSS
Exploits1References6
OSV
OSV
added 5 days ago2 views

CVE-2026-57157 Out-of-bounds read in the camera device enumerator server (rdpecam) via unterminated DeviceName / VirtualChannelName

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score0.00539EPSS
Exploits1References8
CVE
CVE
added 5 days ago14 views

CVE-2026-57158

FreeRDP (Remote Desktop Protocol client) is affected in versions 3.21.0 through 3.27.x where the GFX pipeline’s planar_decompress_plane_rle_only fix is incomplete, allowing a malicious RDP server to send a truncated RDPGFX_CMDID_WIRETOSURFACE_1 planar payload that may read one byte past the input...

9.1CVSS6.1AI score0.0069EPSS
Exploits1References4Affected Software1
CVE
CVE
added last week10 views

CVE-2026-57257

CVE-2026-57257 impacts Foxit PDF Editor/Reader (PRC 3D BRep Renderer). During PRC parsing, there is a boundary-verification flaw for the PRC entity index, causing an out-of-bounds read of the entity array and resulting in a crash. CVSS: 6.1 (Local, Low attack complexity, User interaction required...

6.1CVSS5.9AI score0.00107EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2026/07/06 6:27 a.m.4 views

OESA-2026-2845 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: Socket versions before 2.041 for Perl ha...

9.1CVSS5.9AI score0.00389EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 6:27 a.m.4 views

OESA-2026-2843 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: Socket versions before 2.041 for Perl ha...

9.1CVSS5.9AI score0.00389EPSS
Exploits0References2
CVE
CVE
added 2026/07/03 12:56 p.m.21 views

CVE-2026-56015

CVE-2026-56015 affects Net::IP::LPM v1.10 and earlier for Perl, enabling a heap out-of-bounds read when adding prefixes with unbounded lengths. The bug arises in addPrefixToTrie() which walks the prefix buffer by prefix_length bits without verifying it against the address width (4 bytes IPv4, 16 ...

9.1CVSS6AI score0.00537EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.8 views

dnsmasq: RRSIG rdlen underflow leading to heap OOB read

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixe...

7.5CVSS5.8AI score0.06226EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NA...

4.4CVSS6AI score0.00119EPSS
Exploits0References4
OSV
OSV
added 2026/06/28 9:26 a.m.2 views

SUSE-SU-2026:22382-1 Security update for giflib

This update for giflib fixes the following issue - CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836...

8.2CVSS7.2AI score0.00618EPSS
Exploits1References3
NVD
NVD
added 2026/06/25 8:17 p.m.7 views

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

7.5CVSS0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 7:36 p.m.25 views

CVE-2026-12340 Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

6.3CVSS0.00226EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:36 p.m.6 views

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

6.3CVSS5.8AI score0.00226EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder