Lucene search
K

37 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-58010

A flaw was found in GLib. An off-by-one error can occur in the gvstupleisnormal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses instead of =, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information...

6.5CVSS5.8AI score0.00264EPSS
Exploits1References4
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-58010 Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()

A flaw was found in GLib. An off-by-one error can occur in the gvstupleisnormal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses instead of =, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information...

6.5CVSS0.00264EPSS
Exploits1References3
NVD
NVD
added 2026/06/23 9:16 p.m.7 views

CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS0.00124EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.13 views

Astra Linux – Vulnerability in tar

GNU Tar version 1.34 has a one-byte out-of-bounds read operation, which allows for the use of uninitialized memory during a conditional jump. Exploitation to alter the control flow has not been demonstrated. The issue occurs in the fromheader section of the list.c file, due to a V7 archive where...

5.5CVSS6.3AI score0.04524EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.11 views

SUSE CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.6 views

UBUNTU-CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/27 1:20 p.m.47 views

CVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.1CVSS0.0013EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/05/27 1:20 p.m.17 views

CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/27 1:20 p.m.15 views

EUVD-2026-32500

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.1CVSS5.9AI score0.0013EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/27 1:20 p.m.9 views

CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43972

Name of the Vulnerable Software and Affected Versions libusb versions prior to 1.0.30 Description A one-byte out-of-bounds read exists in the parse iad array function within descriptor.c. This occurs when a malformed USB descriptor is supplied where the bLength equals the size minus one, causing...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References14
OSV
OSV
added 2026/05/07 4:16 a.m.5 views

UBUNTU-CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

9.1CVSS5.8AI score0.00342EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/07 12:0 a.m.10 views

CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

9.1CVSS5.8AI score0.00342EPSS
Exploits0References5
OSV
OSV
added 2026/04/24 1:16 p.m.9 views

JLSEC-2026-184

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS6.1AI score0.04524EPSS
Exploits1References8
EUVD
EUVD
added 2026/03/20 12:31 a.m.8 views

EUVD-2026-13233

1-byte OOB heap read in wcPKCS7DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wcPKCS7DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted...

2.1CVSS5.8AI score0.00095EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/19 10:16 p.m.5 views

CVE-2026-4159

1-byte OOB heap read in wcPKCS7DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wcPKCS7DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted...

3.3CVSS5.8AI score0.00095EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 9:17 p.m.3 views

CVE-2026-4159 wc_PKCS7_DecodeEnvelopedData 1 byte out-of-bounds read

1-byte OOB heap read in wcPKCS7DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wcPKCS7DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted...

2.1CVSS5.8AI score0.00095EPSS
Exploits0References1
CVE
CVE
added 2026/03/19 9:17 p.m.19 views

CVE-2026-4159

CVE-2026-4159: A 1-byte out-of-bounds heap read in wolfSSL’s wc_PKCS7_DecodeEnvelopedData can be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Affected software: wolfSSL 5.8.4 and earlier; root cause is a 1-byte OOB read during enveloped data decoding. Impac...

3.3CVSS5.8AI score0.00095EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.10 views

PT-2026-26376

Name of the Vulnerable Software and Affected Versions wolfSSL versions 5.8.4 and earlier Description An out-of-bounds heap read issue exists in the wc PKCS7 DecodeEnvelopedData function when processing crafted CMS EnvelopedData messages containing zero-length encrypted content. This issue could...

3.3CVSS5.1AI score0.00095EPSS
Exploits0References9
NVD
NVD
added 2026/02/18 4:22 p.m.6 views

CVE-2025-71229

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix alignment fault in rtwcoreenablebeacon rtwcoreenablebeacon reads 4 bytes from an address that is not a multiple of 4. This results in a crash on some systems. Do 1 byte reads/writes instead. Unable to handle kern...

5.5CVSS0.00118EPSS
Exploits0References5
Rows per page
Query Builder