CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3427 matches found

EUVD-2026-38956

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix off-by-one in bcmgenetputtxcb The writeptr points to the next open txcb. We want to return the txcb that gets rewinded, so we must rewind the pointer first then return the txcb that it points to. That way the...

5.7AI score

Exploits0References9

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fslupm: A bug in the funexecop function was fixed; a “off-by-one” test was corrected. The “op-cs” values are copied into “fun-mchipnumber”, which is used to access the “mchipoffsets” and “rnbgpio” arrays. These arra...

5.7AI score0.00175EPSS

Exploits0References2

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: sd: A “off-by-one” error has been fixed in sdreadBlockcharacteristics. If the device returns page 0xb1 with a length of 8 this occurs with QEMU v2.x, for example, sdReadBlockCharacteristics may attempt an out-of-bounds...

7.8CVSS6AI score0.00231EPSS

Exploits0References2

AstraLinux•added 5 days ago•6 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed another “off-by-one” issue with the fsmap for 1k-block file systems. It seems that syzbot discovered that issuing the FSMAP call as follows: c struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4...

5.5CVSS5.8AI score0.00152EPSS

Exploits0References1

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fixed a potential VPE leak upon error. In itsvpeirqdomainalloc, when itsvpeinit returns an error, there is an off-by-one issue with the number of VPEs that need to be freed. This issue was fixed by simply...

5.5CVSS5.2AI score0.00251EPSS

Exploits0References2

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue arises from an off-by-one error that causes out-of-bounds memory access when...

9.8CVSS5.8AI score0.00623EPSS

Exploits1References2

RedHat Linux•added 2026/06/16 4:53 p.m.•3 views

gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

A flaw was found in gnutls. An off-by-one error exists in the PKCS12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of...

5.3CVSS5.5AI score0.00574EPSS

Exploits0References4

RedHat Linux•added 2026/06/15 2:6 a.m.•6 views

gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image

A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...

7.1CVSS7.5AI score0.00634EPSS

Exploits1References5

CVE•added 2026/06/14 5:10 p.m.•43 views

CVE-2026-54410

nanoMODBUS (through v1.23.0) contains an off-by-one buffer overflow in the recv_msg_header() of the Modbus/TCP server. An unauthenticated remote attacker can craft an MBAP Length=255 to force writing one attacker-controlled byte past the 260-byte receive buffer, corrupting the adjacent state stru...

9CVSS5.8AI score0.00541EPSS

Exploits0References4

SUSE CVE•added 2026/06/12 2:26 a.m.•5 views

SUSE CVE-2026-45358

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bounds read of a single byte in the meta encoder. This issue has been patched in versions 6.9.13-47...

5.3CVSS5.2AI score0.0024EPSS

Exploits0References3

NVD•added 2026/06/10 10:16 p.m.•10 views

CVE-2026-45380

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink allows an attacker to craft a .7z archive that, when extracted with bit7z on any non-Windows platform,...

3.6CVSS0.00116EPSS

Exploits0References2

NVD•added 2026/06/10 10:16 p.m.•8 views

CVE-2026-45358

5.3CVSS0.0024EPSS

Exploits0References1

AlpineLinux•added 2026/06/10 9:26 p.m.•9 views

CVE-2026-45358

5.3CVSS5.3AI score0.0024EPSS

Exploits0

CVE•added 2026/06/10 9:26 p.m.•19 views

CVE-2026-45358

CVE-2026-45358 concerns ImageMagick, where an off-by-one in the meta encoder can cause an out-of-bounds read of a single byte. Affected releases include 6.9.13-46, 7.1.2-21 and earlier; it has been patched in 6.9.13-47 and 7.1.2-22. Other CVEs in the related advisories (e.g., CVE-2026-42326, CVE-...

5.3CVSS5.3AI score0.0024EPSS

Exploits0References1Affected Software1

EUVD•added 2026/06/10 9:26 p.m.•9 views

EUVD-2026-36159

5.3CVSS5.3AI score0.0024EPSS

Exploits0References1