Lucene search
K

430 matches found

Vulnrichment
Vulnrichment
added 2026/03/23 8:21 p.m.3 views

CVE-2026-3055 Insufficient input validation leading to memory overread

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread...

9.3CVSS5.8AI score0.83996EPSS
Exploits7References1
CVE
CVE
added 2026/03/23 8:21 p.m.77 views

CVE-2026-3055

CVE-2026-3055 affects Citrix NetScaler ADC/NetScaler Gateway when configured as a SAML IDP, causing a memory overread due to insufficient input validation. Affected versions per Nessus plugin: NetScaler ADC/Gateway 14.1 prior to 14.1-66.59; 13.1 prior to 13.1-62.23; and 13.1-FIPS/NDcPP prior to 1...

9.8CVSS5.8AI score0.83996EPSS
In wildExploits7References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/23 8:21 p.m.21 views

CVE-2026-3055

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread...

9.8CVSS5.8AI score0.83996EPSS
In wildExploits7References4Affected Software2
NCSC
NCSC
added 2026/03/23 1:43 p.m.5 views

Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway

Citrix has fixed vulnerabilities in their software related to insufficient input validation and a race condition in session management. The input validation vulnerability occurs because the software does not correctly check for input sizes or limits, which can lead to memory overreads. This can...

9.8CVSS5.8AI score0.83996EPSS
Exploits7References1
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.12 views

PT-2026-27202

Name of the Vulnerable Software and Affected Versions NetScaler ADC versions prior to 14.1-60.58 NetScaler Gateway versions prior to 13.1-662.23 Description Insufficient input validation in the SAML processing module of NetScaler ADC and NetScaler Gateway, when configured as a SAML Identity...

10CVSS7.5AI score0.83996EPSS
Exploits7References304
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005411 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in getmaxinlinexattrvaluesize Normally the extended attributes in the...

7.8CVSS6.8AI score0.00145EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/25 12:24 a.m.11 views

SUSE CVE-2026-25987

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory...

5.3CVSS5.9AI score0.0037EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/02/24 6:11 a.m.39 views

CVE-2026-25982

A flaw was found in ImageMagick, a software suite for image manipulation. When processing specially crafted DICOM Digital Imaging and Communications in Medicine files, a vulnerability allows the software to read beyond its intended memory boundaries. This can lead to a Denial of Service, causing...

6.5CVSS5.5AI score0.0034EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2026/02/16 7:7 a.m.8 views

Advisory ROSA-SA-2026-3133

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 unaffected versions = curl-7.61.1-34.0.2.rv3.9 affected versions curl-7.61.1-34.0.2.rv3.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffer...

7.5CVSS5.8AI score0.01301EPSS
Exploits1
Redos
Redos
added 2026/02/02 12:0 a.m.6 views

ROS-20260202-73-0026

A vulnerability in the dwc3checkeventbuf function of the Linux kernel is related to reading memory outside of the allocated buffer. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information...

7.8CVSS5.5AI score0.00192EPSS
Exploits0
Redos
Redos
added 2026/01/29 12:0 a.m.9 views

ROS-20260129-73-0062

A vulnerability in the ssh-agent library ssh-agent server for the Go crypto programming language involves reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

5.3CVSS6AI score0.00484EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:28 p.m.3 views

CVE-2025-68785

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

5.5AI score0.00186EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/01/12 11:15 p.m.6 views

ALPINE-CVE-2026-22695

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function pngimagefinishread when processing interlaced 16-bit PNGs with...

7.1CVSS5.8AI score0.00172EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-4857

Name of the Vulnerable Software and Affected Versions Wasmtime versions prior to 36.0.5 Wasmtime versions 36.0.5 through 40.0.2 Wasmtime versions 40.0.3 through 41.0.0 Wasmtime versions 41.0.1 Description A flaw in Wasmtime's Cranelift compiler can lead to a host-level segmentation fault when...

5.5CVSS5.9AI score0.00214EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: nginx (UTSA-2025-993314)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993314 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

6.3CVSS5.8AI score0.00371EPSS
Exploits0References4
OSV
OSV
added 2025/12/03 11:44 a.m.3 views

BIT-NGINX-GATEWAY-2024-7347 NGINX MP4 module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and the mp4 directi...

5.7CVSS6.2AI score0.0032EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41017)

jfs: vulnerability involves the risk of accessing memory beyond the end of ealist, which can lead to undefined behavior or crashes. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

5.5CVSS6.8AI score0.00239EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-5819

Malware in sbrugna...

5.5CVSS5.5AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-9790

Malware in sbrugna...

7.5CVSS7.6AI score0.00887EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-9046

Malware in sbrugna...

7.5CVSS7.6AI score0.00889EPSS
Exploits0References3
Rows per page
Query Builder