46176 matches found
EUVD-2026-45163
A vulnerability has been found in liftoff-sr CIPster up to 632336d414ef708a542377c1aa8d6fdb7c70a760. Affected by this issue is the function CipAppPath::deserializesymbolic of the file source/src/cip/cipepath.cc. Such manipulation leads to out-of-bounds read. The attack may be launched remotely. T...
CVE-2026-16013
CVE-2026-16013 affects liftoff-sr CIPster; vulnerable is the function CipAppPath::deserialize_symbolic in source/src/cip/cipepath.cc. The issue enables an out-of-bounds read and may be exploitable remotely. Public disclosure of the exploit is noted. There are no version details due to the rolling...
CVE-2026-57075
A flaw was found in YAML::Syck. An out-of-bounds read vulnerability exists in the base64 decoder, specifically in the syckbase64dec function. This occurs because the decoder uses a signed character to index a lookup table, allowing specially crafted !!binary YAML nodes with high-bit bytes to caus...
CVE-2026-57077
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newlinelen. In the bundled libsyck newlinelen and isnewline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar...
CVE-2026-57077 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newline_len
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newlinelen. In the bundled libsyck newlinelen and isnewline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar...
CVE-2026-57077
Affected software: YAML::Syck (Perl) before version 1.47. Vulnerability: out-of-bounds read via an unbounded newline scan in newline_len during block-scalar lexing at a document boundary, dereferencing scan pointers and the following byte of a "\r\n" pair without a NUL-terminator or bounds check....
CVE-2026-57075 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syck_base64dec
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syckbase64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...
CVE-2026-60073
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
CVE-2026-57896
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
EUVD-2026-45036
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
EUVD-2026-45035
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
CVE-2026-57896
The CVE-2026-57896 relates to an out-of-bounds read in AutomationDirect Productivity Suite exploitable via a crafted IOCTL request from a local attacker, potentially causing kernel memory corruption with information disclosure and disruption. Affected component/behavior is the Productivity Suiteā...
CVE-2026-57896 AutomationDirect Productivity Suite Out-of-bounds Read
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
CVE-2026-57896
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
CVE-2026-60140
The CVE-2026-60140 entry concerns AutomationDirect Productivity Suite with an out-of-bounds read in IOCTL handling that can allow a local attacker to trigger kernel memory corruption, exposing sensitive information and potentially making the product unstable or unavailable. The advisory notes a l...
EUVD-2026-45026
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable...
CVE-2026-60140 AutomationDirect Productivity Suite Out-of-bounds Read
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable...
CVE-2026-57073
HTML::Bare for Perl versions up to 0.04 is vulnerable to an unbounded character lookahead in parserc_parse, enabling out-of-bounds reads (truncated strings like
CVE-2026-43676
A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger an out-of-bounds read due to improper bounds checking, resulting in an unexpected process crash...
CVE-2026-54058
A flaw was found in Pillow prior to 12.3.0. When an uncompressed McIdas AREA image is loaded from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width. Pixel access such as Image.tobytes, getpixel, convert, or save ca...