
2051 matches found

Vulnrichment
added 2026/05/31 10:15 p.m. | 8 views

CVE-2026-10198 Assimp glTFImporter glTFImporter.cpp ImportMeshes null pointer dereference

A flaw has been found in Assimp up to 6.0.4. Affected by this vulnerability is the function Assimp::glTFImporter::ImportMeshes of the file glTFImporter.cpp of the component glTFImporter. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit ha...

CVSS 4.8 | AI score 5.3 | EPSS 0.00113
Exploits: 0 | References: 7

Positive Technologies
added 2026/05/31 12:0 a.m. | 13 views

PT-2026-45215

Name of the Vulnerable Software and Affected Versions: Assimp versions prior to 6.0.5. Description: A null pointer dereference occurs in the glTFImporter component within the Assimp::glTFImporter::ImportMeshes function of the glTFImporter.cpp file. This issue allows for local execution attacks...

CVSS 4.8 | AI score 5.9 | EPSS 0.00113
Exploits: 0 | References: 8

Vulnrichment
added 2026/05/28 6:26 p.m. | 13 views

CVE-2026-47326 Memory leak in Ubuntu Linux AppArmor large notification response allocation

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion...

CVSS 5.5 | AI score 5.8 | EPSS 0.00093
Exploits: 0 | References: 1

Github Security Blog
added 2026/05/28 5:44 p.m. | 16 views

compliance-trestle - jinja has an Arbitrary File Write via Path Traversal

Relevant Products/Components: trestle/core/commands/author/jinja.py, trestle author jinja. Detailed Description: The -o/--output argument in trestle author jinja allows writing files outside the intended workspace. The application does not properly validate: ../, ..\, absolute paths. This allows...

AI score 6.2 | EPSS 0.0005
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2026/05/26 5:45 p.m. | 30 views

CVE-2026-9567 GPAC MP4Box isom_intern.c MergeFragment null pointer dereference

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...

CVSS 4.8 | EPSS 0.00115
Exploits: 0 | References: 7

SUSE CVE
added 2026/05/26 2:4 a.m. | 15 views

SUSE CVE-2018-25356

SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can trigger the vulnerability by supplying oversized input to the -3pcc, -i, or -logfile parameters,...

CVSS 8.6 | AI score 6.2 | EPSS 0.00162
Exploits: 0 | References: 3

ATTACKERKB
added 2026/05/25 9:15 p.m. | 10 views

CVE-2026-9504

A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bitconvertTU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public...

CVSS 4.8 | AI score 5.3 | EPSS 0.00176
Exploits: 0 | References: 7 | Affected Software: 1

ATTACKERKB
added 2026/05/25 9:0 p.m. | 10 views

CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

CVSS 4.8 | AI score 5.4 | EPSS 0.00143
Exploits: 0 | References: 7 | Affected Software: 1

Cvelist
added 2026/05/25 8:30 p.m. | 24 views

CVE-2026-9501 GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section assertion

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

CVSS 4.8 | EPSS 0.00144
Exploits: 0 | References: 7

EUVD
added 2026/05/12 6:30 p.m. | 23 views

EUVD-2026-29593

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

CVSS 7.8 | AI score 5.8 | EPSS 0.00298
Exploits: 0 | References: 2

GithubExploit
added 2026/05/11 7:23 p.m. | 83 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Overview: Copy Fail CVE-2026-31431 is a logic vulnerability...

CVSS 7.8 | AI score 6 | EPSS 0.96267
Exploits: 228

PyPA
added 2026/05/09 11:16 p.m. | 18 views

PYSEC-2026-4

A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The exploit has been published and may be...

CVSS 5.5 | AI score 5.8 | EPSS 0.00205
Exploits: 1 | References: 9

SUSE CVE
added 2026/05/09 2:46 a.m. | 8 views

SUSE CVE-2026-8084

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...

CVSS 5.5 | AI score 5.3 | EPSS 0.00264
Exploits: 1 | References: 3

EUVD
added 2026/05/08 6:32 a.m. | 8 views

EUVD-2022-31079

The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver before 22.1 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash due to a double fetch vulnerability at aswArPot+0xc4a3...

CVSS 7.8 | AI score 6.4 | EPSS 0.00217
Exploits: 0 | References: 3

CVE
added 2026/05/08 12:0 a.m. | 26 views

CVE-2026-8119

CVE-2026-8119 affects Open5GS up to 2.7.7, specifically the NSSF path. The vulnerable element is the function ogs_sbi_stream_find_by_id in the file /lib/sbi/nghttp2-server.c of the NSSF component. A manipulation leads to a denial of service. The vulnerability requires a local attacker (attack ve...

CVSS 5.5 | AI score 5.5 | EPSS 0.00202
Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2026/05/07 9:30 p.m. | 28 views

EUVD-2026-28417

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...

CVSS 4.8 | AI score 5.4 | EPSS 0.00264
Exploits: 1 | References: 10

CVE
added 2026/05/07 6:45 p.m. | 24 views

CVE-2026-8086

OSGeo GDAL contains a local heap-based buffer overflow in SWnentries (SWapi.c) affecting versions up to 3.13.0dev-4. The vulnerability arises from incorrect handling of DimensionName. Local exploitation is possible; a public exploit exists. Remediation: upgrade to 3.12.4RC1 (patch 9491e794f1757f0...

CVSS 7.8 | AI score 6.2 | EPSS 0.00237
Exploits: 1 | References: 9 | Affected Software: 1

Positive Technologies
added 2026/05/07 12:0 a.m. | 12 views

PT-2026-38571

Name of the Vulnerable Software and Affected Versions: OSGeo gdal versions prior to 3.13.0RC1. Description: A weakness in the GDfieldinfo function within the frmts/hdf4/hdf-eos/GDapi.c file can lead to an out-of-bounds read, which occurs when a program reads data past the end of the intended buffer...

CVSS 5.5 | AI score 5.7 | EPSS 0.00246
Exploits: 1 | References: 11

RedhatCVE
added 2026/05/01 4:35 p.m. | 7 views

CVE-2026-43015

A flaw was found in the Linux kernel’s macb network driver. Improper handling of clock resources during the removal of a PCI Peripheral Component Interconnect device driver can lead to a use-after-free vulnerability. A local attacker could exploit this by performing specific module operations,...

CVSS 7.8 | AI score 5.8 | EPSS 0.00126
Exploits: 0 | References: 4

ATTACKERKB
added 2026/05/01 12:0 a.m. | 3 views

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

CVSS 7.8 | AI score 6 | EPSS 0.00123
Exploits: 0 | References: 3