Lucene search
K

31 matches found

Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.4 views

PT-2026-53727

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description Processing maliciously crafted web content may result in the disclosure of process memory due to...

6.5CVSS5.9AI score0.00203EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/25 11:42 p.m.11 views

CVE-2026-45358

A flaw was found in ImageMagick, a free and open-source software for editing and manipulating digital images. A remote attacker could exploit an off-by-one error in the meta encoder to read a single byte outside of allocated memory. This out-of-bounds read could lead to the disclosure of sensitiv...

5.3CVSS5.7AI score0.0024EPSS
Exploits0References4
NVD
NVD
added 2026/06/23 5:17 p.m.7 views

CVE-2026-56968

GNU SASL before 2.2.4 lacks sanitization of a short challenge in gsaslntlmclientstep in the NTLM client, which could result in memory disclosure via a crafted server...

5.3CVSS0.00241EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/06/20 2:48 a.m.11 views

SUSE CVE-2025-15661

libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftpsymlink function in src/sftp.c that allows a malicious SSH server or man-in-the-middle attacker to disclose heap memory contents or cause a crash by sending a crafted SSHFXPNAME response...

6.8CVSS6AI score0.00267EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in PostgresSQL 11

A flaw was discovered in PostgreSQL. By using an INSERT...ON CONFLICT...DO UPDATE command on a specially crafted table, an authenticated database user could read arbitrary bytes of server memory. The most significant threat of this vulnerability is to data confidentiality...

6.5CVSS7.1AI score0.01449EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-26824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation...

6.5CVSS5.5AI score0.00228EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/02 3:25 p.m.41 views

CVE-2026-45683 OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled ioctl pointers with bpfproberead instead of bpfprobereaduser. An instrumented local process can therefore point OBI at kerne...

3.8CVSS0.00174EPSS
Exploits1References2
Rosalinux
Rosalinux
added 2026/05/19 1:25 p.m.13 views

Advisory ROSA-SA-2026-3270

software: nginx 1.30.1 OS: ROSA-CHROME unaffected versions = nginx-1.30.1-1 affected versions nginx-1.30.1-1 CVE-ID: CVE-2026-42926 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX Open Source allows an attacker to inject frame headers and data into the upstream when proxying...

9.2CVSS6.6AI score0.61469EPSS
Exploits41
EUVD
EUVD
added 2026/02/25 11:39 p.m.5 views

EUVD-2026-8767

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, NanaZip’s .NET Single File Application parser has an out-of-bounds read vulnerability in manifest parsing. A crafted bundle can provide a malformed RelativePathLength so the...

5.1CVSS5.5AI score0.00144EPSS
Exploits1References1
EUVD
EUVD
added 2026/01/28 5:26 p.m.6 views

EUVD-2025-206454

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, Pages 15.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory...

4.3CVSS5.9AI score0.00278EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-40341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access...

6AI score0.00191EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-25070

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00436EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-24530

Malicious code in bioql PyPI...

5.5CVSS6.4AI score0.00188EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-43608

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00481EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Adobe Substance 3D Sampler <= 5.0.3 Out-of-bounds Read (APSB25-78)

The version of Adobe Substance 3D Sampler installed on the remote host is prior or equal to 5.0.3 It is, therefore, affected by a out-of-bounds read vulnerability as referenced in the APSB25-78 advisory. - Substance3D - Sampler versions 5.1.0 and earlier are affected by an out-of-bounds read...

5.5CVSS5.6AI score0.00189EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/06 9:18 p.m.6 views

CVE-2025-49128 Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation

Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended memory content t...

4CVSS4.6AI score0.00314EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:39 p.m.8 views

CVE-2021-30709

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents...

5.5CVSS5.7AI score0.009EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-36053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker...

4.3CVSS6.3AI score0.01964EPSS
Exploits0References2
OSV
OSV
added 2025/01/14 7:20 p.m.15 views

BIT-PHP-MIN-2024-11233 Single byte overread with convert.quoted-printable-decode filter

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

8.2CVSS7.3AI score0.01618EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.23 views

Xen 安全漏洞

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from th...

5.5CVSS5.9AI score0.00294EPSS
Exploits0References5
Rows per page
Query Builder