
27 matches found

SUSE CVE
added 2026/04/07 11:25 p.m., 2 views

SUSE CVE-2026-34588

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and...

CVSS 7, AI score 5.8, EPSS 0.00482
Exploits 1, References 5
CNNVD
added 2026/04/06 12:00 a.m., 5 views

OpenEXR buffer error vulnerability

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR prior to 3.1.0 and 3.2.7, as well as versions prior to 3.3.9 and 3.4.9, contain a buffer error vulnerability. This vulnerability stems from integer overflows...

CVSS 8.6, AI score 6, EPSS 0.00482
Exploits 1, References 2
CNNVD
added 2026/03/13 12:00 a.m., 6 views

FreeRDP buffer error vulnerability

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained a buffer error vulnerability, which stemmed from a minor error in the bitmap caching subsystem. This vulnerability could lead to out-of-bounds reads and writes...

CVSS 8.2, AI score 6, EPSS 0.00309
Exploits 1, References 3
NVD
added 2026/02/14 3:16 p.m., 8 views

CVE-2026-23123

In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initialize src_node and dst_node to empty strings. The debugfs_create_str API assumes that the string pointer is either NULL or points to valid kmalloc memory. Leaving the pointer uninitialized can cause problem...

CVSS 5.5, EPSS 0.00119
Exploits 0, References 4
NVD
added 2026/01/27 5:16 p.m., 5 views

CVE-2026-22039

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...

CVSS 9.9, EPSS 0.00516
Exploits 1, References 3
CNNVD
added 2025/10/31 12:00 a.m., 5 views

Xen security vulnerability

Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from a...

CVSS 7.5, AI score 6.1, EPSS 0.00347
Exploits 0, References 2
SUSE CVE
added 2025/10/16 11:38 p.m., 2 views

SUSE CVE-2025-11709

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

CVSS 9.8, AI score 7.2, EPSS 0.00385
Exploits 0, References 11
FreeBSD
added 2025/10/14 12:00 a.m., 7 views

Mozilla -- Out-of-bounds reads and writes

[email protected] reports: A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures...

CVSS 9.8, AI score 6.9, EPSS 0.00385
Exploits 0, References 1
Cvelist
added 2025/09/06 6:35 p.m., 15 views

CVE-2025-0034

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service...

CVSS 4.7, EPSS 0.00118
Exploits 0, References 1
CNNVD
added 2025/09/04 12:00 a.m., 3 views

Google Pixel security vulnerability

Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from insufficient input validation, which could lead to out-of-bounds reads and writes and local elevation of privilege...

CVSS 7.8, AI score 6.2, EPSS 0.00078
Exploits 0, References 1
Tenable Nessus
added 2024/02/08 12:00 a.m., 21 views

EulerOS 2.0 SP9 : xorg-x11-server (EulerOS-SA-2024-1210)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by...

CVSS 7.8, AI score 7.1, EPSS 0.01631
Exploits 0, References 4
RedHat Linux
added 2023/08/29 8:50 a.m., 2 views

kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests

A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially...

CVSS 7.8, AI score 6.8, EPSS 0.00871
Exploits 0, References 5
RedHat Linux
added 2023/01/24 10:13 a.m., 3 views

kernel: memory corruption in AX88179_178A based USB ethernet device.

A flaw was found in the Linux kernel's driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes...

CVSS 7.8, AI score 6.6, EPSS 0.00294
Exploits 0, References 4
CNNVD
added 2022/09/09 12:00 a.m., 2 views

Linux kernel buffer error vulnerability

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from multiple out-of-bounds reads and possibly out-of-bounds writes contained in the Linux kernel driver for USB 2.0/3.0 Gigabit...

CVSS 7.8, AI score 6.7, EPSS 0.00294
Exploits 0, References 16
Veracode
added 2022/08/18 7:14 a.m., 29 views

Denial Of Service (DoS)

libtiff.so is vulnerable to denial of service. The vulnerability exists in getcropfffsets function in tiffcrop.c, which allows an attacker to send crafted file leading to out of bound reads and writes...

CVSS 5.5, AI score 6, EPSS 0.003
Exploits 0, References 5, Affected Software 4
CNNVD
added 2022/08/18 12:00 a.m., 1 views

Adobe Acrobat Reader DC buffer error vulnerability

Adobe Acrobat Reader DC is a PDF reading tool from Adobe, a United States company. It is used to reliably view, print and annotate PDF documents. A buffer error vulnerability exists in Adobe Acrobat Reader DC, which arises from performing operations in memory without properly...

CVSS 5.5, AI score 7.5, EPSS 0.00261
Exploits 0, References 1
OSV
added 2022/02/04 11:15 p.m., 2 views

PYSEC-2022-124

Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...

CVSS 8.8, AI score 5.9, EPSS 0.00837
Exploits 1, References 3
CNNVD
added 2022/02/04 12:00 a.m., 6 views

Google TensorFlow buffer error vulnerability

Google TensorFlow is an end-to-end open source platform for machine learning from Google. Google TensorFlow is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to build a TFLite model that allows limited reads and writes to the outside of arrays in TFLit...

CVSS 8.8, AI score 6, EPSS 0.00837
Exploits 1, References 4
CNVD
added 2021/03/15 12:00 a.m., 11 views

Schneider Electric Interactive Graphical SCADA System Buffer Overflow Vulnerability (CNVD-2021-31177)

Schneider Electric Interactive Graphical SCADA System (IGSS) is a SCADA data acquisition and supervisory system for monitoring and controlling industrial processes from Schneider Electric, France. A buffer overflow vulnerability exists in Interactive Graphical SCADA System IGSS Definition...

CVSS 9.3, AI score 7.2, EPSS 0.00796
Exploits 0, References 1
CNNVD
added 2021/02/01 12:00 a.m., 5 views

Qualcomm HLOS Input Validation Error Vulnerability

Qualcomm HLOS is a Qualcomm Advanced Operating Platform component used in Qualcomm products. An input validation error vulnerability exists in Qualcomm HLOS, where writes and reads are made out-of-bounds in the TA due to improper checking of the length of the command and response buffers...

CVSS 7.8, AI score 7.1, EPSS 0.00161
Exploits 0, References 4