Lucene search
K

14 matches found

CVE
CVE
added 2026/06/09 10:49 p.m.31 views

CVE-2026-46433

CVE-2026-46433 affects lldpd (LLDP implementation). Prior to version 1.0.22, lldpd_decode() incorrectly shifts frame payload when removing 802.1Q VLAN tags, using a length calculation that causes a 4-byte heap OOB read if the frame size equals the interface MTU. This vulnerability is fixed in ver...

6.5CVSS5.5AI score0.00225EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

libheif 缓冲区错误漏洞

LibHEIF is a open-source decoder and encoder for the ISO/IEC 23008-12:2017 HEIF file format developed by Struktur. Versions of LibHEIF prior to 1.21.2 contain a buffer error vulnerability. This vulnerability stems from excessive heap buffer reading in the HeifPixelImage::overlay function, where a...

7.1CVSS6AI score0.00323EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/05/10 12:41 p.m.18 views

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

Cybersecurity researchers have disclosed a critical security vulnerability in Ollama that, if successfully exploited, could allow a remote, unauthenticated attacker to leak its entire process memory. The out-of-bounds read flaw, which likely impacts over 300,000 servers globally, is tracked as...

9.1CVSS6.9AI score0.01001EPSS
Exploits3
OSV
OSV
added 2026/04/23 6:35 p.m.8 views

CLSA-2026-1776873238 libarchive: Fix of CVE-2026-4424

CVE-2026-4424: fix heap out-of-bounds read in RAR reader due to LZSS window size mismatch after PPMd block...

7.5CVSS7.1AI score0.00882EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2026/04/19 12:4 a.m.11 views

libarchive security update

An update is available for libarchive. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libarchive programming library can create and read several different...

9.8CVSS6.2AI score0.01073EPSS
Exploits0
CVE
CVE
added 2026/03/31 3:36 p.m.16 views

CVE-2026-34235

CVE-2026-34235 affects the PJSIP library (C) prior to version 2.17, where the VP9 RTP unpacketizer has a heap out-of-bounds read when parsing crafted VP9 SS data. The vulnerability stems from insufficient bounds checking on the payload descriptor length, causing reads beyond the RTP payload buffe...

9.1CVSS5.8AI score0.00405EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/30 8:48 p.m.2 views

CVE-2025-66037

A flaw was found in OpenSC, an open-source smart card tools and middleware. An attacker could exploit this vulnerability by providing a specially crafted input. This crafted input causes an out-of-bounds heap read, where the software attempts to read data beyond its allocated memory. Mitigation...

6.8CVSS5.8AI score0.00253EPSS
Exploits1References5
OSV
OSV
added 2026/03/20 9:16 a.m.3 views

UBUNTU-CVE-2026-33069

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsipmultipartparse. After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

7.5CVSS6AI score0.0026EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/10 5:53 p.m.3 views

CVE-2026-30984 iccDEV has a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence causing an application crash. This vulnerability is fixed in 2.3.1.5...

6.1CVSS5.8AI score0.0015EPSS
Exploits0References4
OSV
OSV
added 2026/02/10 9:31 p.m.3 views

GHSA-CP6G-7HQX-QXHP mongo-go-driver has Heap Out-of-Bounds Read in GSSAPI Error Handling

The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...

6.9CVSS5.4AI score0.00223EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:45 a.m.3 views

SUSE CVE-2017-9182

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service use-after-free and invalid heap read, related to the GETCOLOR function in color.c:16:11...

7.5CVSS8.4AI score0.02228EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:20 a.m.6 views

wavpack: Heap out-of-bounds read in WavpackPackSamples()

A heap out-of-bounds read flaw was found in WavPacks' WavpackPackSamples function of src/packutils.c and only affects the command-line program of WavPack not libwavpack. This flaw allows an attacker to exploit this flaw for a website that uses the WavPack command-line program on user-provided...

5.5CVSS5.8AI score0.01155EPSS
Exploits1References4
OSV
OSV
added 2022/02/02 12:15 p.m.5 views

CVE-2021-24043

A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, and WhatsApp Desktop v2.2145.0 could have allowed an out-of-bounds heap read if a user sent a...

9.1CVSS5.8AI score0.01119EPSS
Exploits0References2
CNVD
CNVD
added 2017/09/13 12:0 a.m.2 views

GraphicsMagick 'DrawImage' Function Denial of Service Vulnerability

GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A security vulnerability exists in the 'DrawImage' function of the magick/render.c file in GraphicsMagick version 1.3.26. A remote attacker can exploit this...

6.5CVSS7.3AI score0.01861EPSS
Exploits0References1
Rows per page
Query Builder