Lucene search
K

105 matches found

NVD
NVD
added 2026/06/10 2:16 a.m.10 views

CVE-2026-45160

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parseoptions in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The pars...

6.5CVSS0.00246EPSS
Exploits0References7
OSV
OSV
added 2026/05/05 6:3 p.m.9 views

CLSA-2026-1778004214 vim: Fix of 5 CVEs

CVE-2022-2124: fix out-of-bounds read in currentquote when searching for quotes goes over the end of the line textobject.c, upstream patch 8.2.5120 - CVE-2022-2126: fix invalid index use in suggesttriewalk when tsfidx is zero spellsuggest.c, upstream patch 8.2.5123 - CVE-2022-2207: fix read...

7.8CVSS7.1AI score0.02098EPSS
Exploits5References1
OSV
OSV
added 2026/05/05 11:22 a.m.13 views

CLSA-2026-1777980164 vim: Fix of 5 CVEs

CVE-2022-2124: fix out-of-bounds read in currentquote when searching for quotes goes over the end of the line textobject.c, upstream patch 8.2.5120 - CVE-2022-2126: fix invalid index use in suggesttriewalk when tsfidx is zero spellsuggest.c, upstream patch 8.2.5123 - CVE-2022-2207: fix read...

7.8CVSS7.1AI score0.02098EPSS
Exploits5References1
OSV
OSV
added 2026/04/30 9:11 a.m.6 views

CLSA-2026-1777540266 vim: Fix of 10 CVEs

CVE-2022-2182: in doonecmd, after ";" sets curwin-wcursor.lnum to ea.line2, call checkcursor instead of checkcursorlnum so the column is validated too, and fall back to checkcursorcol when ea.line2 is zero, preventing read past end-of-line on ":0;'". - CVE-2022-2206: in checkshellsize, clamp...

7.8CVSS7AI score0.02645EPSS
Exploits10References1
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.2 views

Adobe InDesign < 20.5.3 / 21.0 < 21.3.0 Multiple Vulnerabilities (APSB26-32) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 20.5.3, 21.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-32 advisory. - Heap-based Buffer Overflow CWE-122 potentially leading to Arbitrary code execution CVE-2026-34627,...

7.8CVSS6.5AI score0.00178EPSS
Exploits0References10
NVD
NVD
added 2026/02/10 7:15 p.m.11 views

CVE-2026-21345

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...

7.8CVSS0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.7 views

CVE-2022-37368

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS5.5AI score0.0073EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.5 views

CVE-2020-17401

This vulnerability allows local attackers to disclose sensitive informations on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists...

6CVSS6.3AI score0.00553EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/11/01 1:1 a.m.3 views

bnxt: Do not read past the end of test names

...

5.5CVSS7AI score0.00176EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.7 views

EulerOS 2.0 SP12 : libarchive (EulerOS-SA-2025-2013)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and...

7.8CVSS6.7AI score0.00341EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-1534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Over-read at parserawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intente...

7.1CVSS6.5AI score0.00342EPSS
Exploits1References2
OSV
OSV
added 2025/08/05 2:15 p.m.5 views

CVE-2025-7033

A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose...

7.8CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2025/06/09 8:15 p.m.7 views

AZL-63851 CVE-2025-5918 affecting package libarchive for versions less than 3.6.1-7

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memo...

6.6CVSS6.3AI score0.00341EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:41 p.m.6 views

CVE-2021-31446

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS6.1AI score0.02682EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/01/31 12:0 a.m.7 views

PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6AI score0.00624EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.5 views

PT-2024-17649 · Tungsten Automation · Tungsten Automation Power Pdf

Name of the Vulnerable Software and Affected Versions: Tungsten Automation Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this,...

7.8CVSS7.1AI score0.00397EPSS
Exploits0References6
OSV
OSV
added 2024/11/22 10:15 p.m.2 views

CVE-2024-9767

IrfanView SID File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

7.8CVSS7.7AI score
Exploits0References1
CVE
CVE
added 2024/11/22 8:44 p.m.39 views

CVE-2024-11529

CVE-2024-11529 affects IrfanView due to an out-of-bounds read in the DWG file parser that can lead to remote code execution . The vulnerability arises from insufficient validation of user-supplied data, causing a read past the end of an allocated buffer. Exploitation requires user interaction (ta...

7.8CVSS8AI score0.00394EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.6 views

PT-2024-39826 · Tungsten Automation · Tungsten Automation Power Pdf

Name of the Vulnerable Software and Affected Versions: Tungsten Automation Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploi...

3.3CVSS6.6AI score0.0025EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.3 views

PT-2024-39821 · Tungsten Automation · Tungsten Automation Power Pdf

Name of the Vulnerable Software and Affected Versions: Tungsten Automation Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious...

3.3CVSS6.9AI score0.0025EPSS
Exploits0References4
Rows per page
Query Builder