Lucene search
K

1238 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-12413

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References3Affected Software1
NVD
NVD
added 4 days ago9 views

CVE-2026-44042

UltraVNC repeater through 1.8.2.2 contains an off-by-one error in the Base64 decode helper used for HTTP Basic authentication. In repeater/webgui/webutils.c:817, the wiuudecode function checks whether the input length exceeds the output buffer with a strict greater-than comparison , while the...

3.7CVSS0.00313EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-40312

A flaw was found in GLib. An off-by-one error can occur in the gvstupleisnormal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses instead of =, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information...

6.5CVSS5.8AI score0.00322EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:3 a.m.7 views

CVE-2026-53088

A flaw was found in the Linux kernel's bcmgenet network driver. An off-by-one error in the bcmgenetputtxcb function, related to the writeptr handling for transmit control blocks txcb, could lead to incorrect cleanup of these blocks. This issue may result in system instability or unexpected behavi...

9.8CVSS5.8AI score0.00404EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 8:20 p.m.23 views

CVE-2026-52804 Gogs: Privilege Escalation via Collaboration Access Mode Validation

Gogs is an open source self-hosted Git service. Prior to 0.14.3, a repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. This vulnerability is fixed in 0.14.3...

7CVSS0.00499EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/23 4:52 p.m.6 views

Gogs Vulnerable to Privilege Escalation via Collaboration Access Mode Validation

Summary A repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. Vulnerable Code In internal/database/repocollaboration.go, line 129: go func r Repository ChangeCollaborationAccessModeuserI...

7CVSS5.9AI score0.00499EPSS
Exploits0References5Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/05/31 8:2 a.m.8 views

Gnutls: gnutls: memory corruption due to off-by-one error in pkcs#12 bag handling

...

5.3CVSS5.4AI score0.00727EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/28 6:59 p.m.9 views

CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

8.8CVSS6.1AI score0.0051EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44373

Name of the Vulnerable Software and Affected Versions bzip2 versions prior to 1.0.9 Description The bzip2recover utility contains an off-by-one error. When processing a specially crafted file, the application performs an out-of-bounds write to a global buffer, which leads to memory corruption and...

4.8CVSS5.3AI score0.00126EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2026/05/26 3:26 a.m.14 views

gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

7.1CVSS7.2AI score0.00634EPSS
Exploits1References5
Snyk
Snyk
added 2026/05/21 9:42 p.m.12 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the json and yaml encoder process. An attacker can cause a heap buffer overwrite by providing specially crafted input data. Remediation A fix was pushed into the master branch but not yet published. References - GitH...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/21 9:42 p.m.13 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/21 9:42 p.m.12 views

Off-by-one Error

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/21 9:42 p.m.13 views

Off-by-one Error

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/21 9:42 p.m.13 views

Off-by-one Error

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/21 9:42 p.m.16 views

Off-by-one Error

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/21 9:42 p.m.15 views

Off-by-one Error

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.9CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/20 3:42 a.m.8 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error via the establishproxyconnection function. An attacker can corrupt stack memory by sending a specially crafted HTTP proxy response line of 1023 or more bytes without a newline terminator, potentially leading to...

5.9CVSS5.8AI score0.00337EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:48 p.m.10 views

Off-by-one Error

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.9CVSS5.8AI score0.0024EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 5:48 p.m.9 views

Off-by-one Error

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS5.8AI score0.0024EPSS
Exploits0References3
Rows per page
Query Builder