Lucene search
K

7130 matches found

CVE
CVE
added 2026/04/28 8:30 a.m.16 views

CVE-2026-7247

CVE-2026-7247 affects D-Link DI-8100 firmware 16.07.26A1. The vulnerability is in the File Extension Handler’s file_exten.asp, specifically the function file_exten_asp, where manipulation of the Name argument causes a buffer overflow. This enables remote exploitation, with the exploit disclosed p...

8.6CVSS7.4AI score0.00717EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.16 views

PT-2026-45096

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-432BRP version 3.10B20 Description A stack-based buffer overflow occurs due to the manipulation of the filter name argument within the formSetMACFilter function located in the /goform/formSetMACFilter file. This allows for remote...

9CVSS7.6AI score0.00472EPSS
Exploits0References13
EUVD
EUVD
added 2026/04/24 5:16 p.m.5 views

EUVD-2026-25582

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.2CVSS5.3AI score0.00298EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 5:16 p.m.2 views

CVE-2026-41676 rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

9.2CVSS6AI score0.00298EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-41989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989 Note th...

6.7CVSS5.8AI score0.00182EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34457

Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that...

8.6CVSS6.5AI score0.00189EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.11 views

Textpad 缓冲区错误漏洞

Textpad is a lightweight text editor developed by Textpad Inc. Version 8.1.2 of Textpad contains a buffer overflow vulnerability. This vulnerability stems from a denial-of-service vulnerability, which could allow local attackers to cause the application to crash by providing an overly long buffer...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013619 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: rndishost: Secure rndisquery check against int overflow Variables off and len typed as uint3...

5.7AI score0.00184EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010711 advisory. Integer overflow in the firmware for some IntelR Graphics Drivers for Windows before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privilege...

7.8CVSS6.7AI score0.00359EPSS
Exploits0References3
CNVD
CNVD
added 2026/04/16 12:0 a.m.3 views

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17627)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability is caused due to incorrect boundary checking in the qostypeasp.asp script and can be exploited by an attacker to cause a denial of service...

7.5CVSS6AI score0.00516EPSS
Exploits0
Snyk
Snyk
added 2026/04/13 10:11 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

8.7CVSS5.8AI score0.00434EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/13 10:11 p.m.16 views

Heap-based Buffer Overflow

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.8CVSS6.1AI score0.00187EPSS
Exploits0References2
OSV
OSV
added 2026/04/13 2:16 p.m.8 views

UBUNTU-CVE-2026-31415

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6datagramsendctl Yiming Qian reported : I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that can panic the kernel via skbunderpanic local DoS. The core issue i...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/13 12:0 a.m.5 views

CVE-2026-31415

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6datagramsendctl Yiming Qian reported : I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that can panic the kernel via skbunderpanic local DoS. The core issue i...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.5 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an overflow in the ip6datagramsendctl function. This vulnerability could lead to a local...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References6
OSV
OSV
added 2026/04/10 11:20 a.m.3 views

SUSE-SU-2026:21285-1 Security update for corosync

This update for corosync fixes the following issues: - CVE-2026-35091: Denial of Service and information disclosure via crafted UDP packet bsc1261299. - CVE-2026-35092: Denial of Service via integer overflow in join message validation bsc1261300...

8.2CVSS5.3AI score0.00994EPSS
Exploits2References5
AlpineLinux
AlpineLinux
added 2026/04/10 5:6 a.m.5 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wcCmacUpdate used the guard if cmac-totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2CVSS5.3AI score0.0042EPSS
Exploits0
EUVD
EUVD
added 2026/04/10 12:30 a.m.3 views

EUVD-2026-21242

A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

9CVSS7.8AI score0.00511EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/10 12:0 a.m.6 views

CVE-2026-5448

X.509 date buffer overflow in wolfSSLX509notAfter / wolfSSLX509notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS...

4.3CVSS6.1AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 11:17 p.m.5 views

DEBIAN-CVE-2026-5503

In TLSXEchChangeSNI, the ctx-extensions branch set extensions unconditionally even when TLSXFind returned NULL. This caused TLSXUseSNI to attach the attacker-controlled publicName to the shared WOLFSSLCTX when no inner SNI was configured. TLSXEchRestoreSNI then failed to clean it up because its...

9.1CVSS5.2AI score0.00393EPSS
Exploits0References1
Rows per page
Query Builder