Lucene search
K

15 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.8 views

dnsmasq: RRSIG rdlen underflow leading to heap OOB read

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixe...

7.5CVSS5.8AI score0.06226EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.21 views

Astra Linux – Vulnerability in libssh

A flaw was discovered in libssh, where a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed ‘longname’ field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond the allocated memory on the heap. Thi...

3.1CVSS6.6AI score0.00442EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/19 7:3 p.m.44 views

CVE-2026-32738 libheif has a Heap OOB Read/SEGV Crash via Zero samples_per_chunk

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

6.5CVSS0.00301EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.8 views

PT-2026-36530

Name of the Vulnerable Software and Affected Versions dtrace affected versions not specified Description An unprivileged attacker can create a user-space process with a malicious ELF binary containing an out-of-range sh link field. When a root-level dtrace process attaches to or instruments that...

4.4CVSS5.8AI score0.00108EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/04/10 11:25 p.m.5 views

SUSE CVE-2026-39855

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...

5.5CVSS6AI score0.00143EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-1484

Malware in sbrugna...

2.1CVSS8.9AI score0.00486EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-8783

Malware in sbrugna...

5.5CVSS6.8AI score0.01532EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-51054

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00233EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.3 views

SUSE CVE-2017-5834

The parsedictnode function in bplist.c in libplist allows attackers to cause a denial of service out-of-bounds heap read and crash via a crafted file...

5.5CVSS6.6AI score0.01297EPSS
Exploits0References5
Prion
Prion
added 2020/01/14 5:15 p.m.37 views

Out-of-bounds

The compilebranch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service out-of-bounds heap read and crash, or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large...

6.8CVSS7.4AI score0.01575EPSS
Exploits1References4Affected Software4
OSV
OSV
added 2018/05/22 7:29 p.m.3 views

UBUNTU-CVE-2018-11375

The instlds function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted binary file...

5.5CVSS7.2AI score0.01148EPSS
Exploits0References4
CNVD
CNVD
added 2017/07/24 12:0 a.m.5 views

ImageMagick Denial of Service Vulnerability (CNVD-2017-18362)

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'WriteUILImage' function in the coders/uil.c file in ImageMagick versi...

6.5CVSS6.8AI score0.01928EPSS
Exploits1References1
CNVD
CNVD
added 2016/04/14 12:0 a.m.1 views

QEMU Denial of Service Vulnerability (CNVD-2016-02207)

QEMU is a suite of analog processor software developed by French programmer Fabrice Bellard. A security vulnerability in the netchecksumcalculate function in QEMU's net/checksum.c file can be exploited by an attacker to cause a denial of service out-of-bounds heap read and crash with the help of...

8.4CVSS7.3AI score0.00564EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2015/03/05 12:0 a.m.24 views

grep: denial of service

The bmexectrans function in kwset.c allows local users to cause a denial of service out-of-bounds heap read and crash via crafted input when using the -F option. grep's read buffer is often filled to its full size, except when reading the final buffer of a file. In that case, the number of bytes...

2.1CVSS8.7AI score0.00486EPSS
Exploits1References3
OSV
OSV
added 2015/02/12 4:59 p.m.4 views

CVE-2015-1345

The bmexectrans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service out-of-bounds heap read and crash via crafted input when using the -F option...

5.9AI score
Exploits0References7
Rows per page
Query Builder