Lucene search
K

293 matches found

Debian CVE
Debian CVE
added 2026/04/24 2:45 p.m.6 views

CVE-2026-31648

In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nrpages calculation overflow in filemapmappages When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I encountered some very strange crash issues showing up as "Bad page state": " 734.496287 BUG: Bad...

7.8CVSS5.4AI score0.0012EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/21 1:33 a.m.9 views

CVE-2026-40250

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...

8.4CVSS5.8AI score0.0045EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010751 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due to erroneous iotlb entries In vhostiotlbaddrangectx, range size can...

5.5CVSS5.7AI score0.00207EPSS
Exploits0References3
NVD
NVD
added 2026/04/03 5:16 p.m.5 views

CVE-2026-5474

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

8.8CVSS0.00374EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/01 12:0 a.m.1 views

CVE-2026-25833

Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509inetptonipv6 function...

6.1AI score0.00308EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/31 1:28 p.m.8 views

EUVD-2026-17413

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

7.2CVSS5.8AI score0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/31 1:28 p.m.24 views

CVE-2026-34155 RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

7.2CVSS0.00141EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/26 4:32 p.m.20 views

CVE-2026-27816 EVerest's ISO15118 update_energy_transfer_modes overflow can corrupt EVSE state

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118chargerImpl::handleupdateenergytransfermodes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

6.9CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 4:32 p.m.15 views

CVE-2026-27816

EVerest prior to version 2026.02.0 has a buffer overflow in ISO15118_chargerImpl::handle_update_energy_transfer_modes where a variable-length list is copied into a fixed-size 6-element array without bounds checks. With default schema validation disabled, oversized MQTT Cmd payloads can cause out-...

9.1CVSS5.8AI score0.00197EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/20 3:54 a.m.21 views

CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS0.00308EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/03/20 1:34 a.m.5 views

CVE-2026-4463

Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00301EPSS
Exploits0
OSV
OSV
added 2026/03/11 5:16 p.m.2 views

UBUNTU-CVE-2026-31853

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

5.7CVSS5.8AI score0.00093EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/03/11 5:9 p.m.2 views

CVE-2026-31853

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-16 and 6.9.13-41, an overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

5.7CVSS5.9AI score0.00093EPSS
Exploits0
Snyk
Snyk
added 2026/03/09 9:42 p.m.5 views

Out-of-bounds Write

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

9.2CVSS5.8AI score0.00334EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/03/09 9:42 p.m.4 views

CVE-2026-28693

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...

8.1CVSS7.7AI score0.00334EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/06 1:2 a.m.28 views

CVE-2026-3613 Wavlink WL-NU516U1 login.cgi sub_401A0C stack-based overflow

A vulnerability was identified in Wavlink WL-NU516U1 V240425. This vulnerability affects the function sub401A0C of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly...

8.6CVSS0.00709EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/26 10:35 p.m.5 views

CVE-2026-27691

iccDEV provides a set of libraries and tools for working with ICC color management profiles. In versions up to and including 2.3.1.4, signed integer overflow in iccFromCube.cpp during multiplication triggers undefined behavior, potentially causing crashes or incorrect ICC profile generation when...

6.2CVSS5.4AI score0.0016EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/24 1:44 a.m.5 views

CVE-2026-2588

Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN sizet to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems sizet is typically 32-bits while an unsigned long long is at least 64-bi...

9.1CVSS5.4AI score0.00346EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/02/12 11:45 a.m.5 views

Security update for xrdp

This update for xrdp fixes the following issues: CVE-2025-68670: Fix a potential overflow when processing user domain information. bsc1257362 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

9.2CVSS5.5AI score0.01318EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/01/29 10:15 p.m.5 views

CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

7.5CVSS5.9AI score0.00517EPSS
Exploits1References2
Rows per page
Query Builder