46170 matches found
EUVD-2026-45163
A vulnerability has been found in liftoff-sr CIPster up to 632336d414ef708a542377c1aa8d6fdb7c70a760. Affected by this issue is the function CipAppPath::deserializesymbolic of the file source/src/cip/cipepath.cc. Such manipulation leads to out-of-bounds read. The attack may be launched remotely. T...
CVE-2026-16013
CVE-2026-16013 affects liftoff-sr CIPster; vulnerable is the function CipAppPath::deserialize_symbolic in source/src/cip/cipepath.cc. The issue enables an out-of-bounds read and may be exploitable remotely. Public disclosure of the exploit is noted. There are no version details due to the rolling...
CVE-2026-57077
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newlinelen. In the bundled libsyck newlinelen and isnewline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar...
CVE-2026-57077 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newline_len
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newlinelen. In the bundled libsyck newlinelen and isnewline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar...
CVE-2026-57077
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newlinelen. In the bundled libsyck newlinelen and isnewline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar...
CVE-2026-57075 YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syck_base64dec
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syckbase64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...
CVE-2026-60073
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
CVE-2026-57896
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
EUVD-2026-45036
An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...
CVE-2026-57896
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
CVE-2026-57896 AutomationDirect Productivity Suite Out-of-bounds Read
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
EUVD-2026-45035
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...
CVE-2026-57896
The CVE-2026-57896 relates to an out-of-bounds read in AutomationDirect Productivity Suite exploitable via a crafted IOCTL request from a local attacker, potentially causing kernel memory corruption with information disclosure and disruption. Affected component/behavior is the Productivity Suiteā...
EUVD-2026-45026
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable...
CVE-2026-60140 AutomationDirect Productivity Suite Out-of-bounds Read
An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable...
CVE-2026-60140
The CVE-2026-60140 entry concerns AutomationDirect Productivity Suite with an out-of-bounds read in IOCTL handling that can allow a local attacker to trigger kernel memory corruption, exposing sensitive information and potentially making the product unstable or unavailable. The advisory notes a l...
CVE-2026-57073
HTML::Bare versions through 0.04 for Perl have an unbounded character lookahead. The parsercparse function attempts to check for multicharacter strings such as "" without checking that the offsets are within the buffer. Truncated strings such as "a/" can trigger an out-of-bounds read. Note that t...
CVE-2026-43676
A flaw was found in WebKitGTK. Processing maliciously crafted web content can trigger an out-of-bounds read due to improper bounds checking, resulting in an unexpected process crash...
CVE-2026-54058
A flaw was found in Pillow prior to 12.3.0. When an uncompressed McIdas AREA image is loaded from a filename through the mmap raw codec path, attacker-controlled header words can set a row stride smaller than the natural row width. Pixel access such as Image.tobytes, getpixel, convert, or save ca...
kernel: smb: client: fix OOB reads parsing symlink error response
A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...