Lucene search
K

313 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-43602

In OpENer 2.3.0 commit 76b95cf when parsing incoming CIP Common Industrial Protocol network packets, the length parameter is inconsistently typed across the call stack. Specifically, an upstream length calculated as an int is passed to a downstream function that expects an EipInt16 a 16-bit signe...

9.1CVSS6.1AI score0.00193EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-57433 Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SX_HOOK record

Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SXHOOK record. retrievehookcommon reads a signed 32-bit item count from an SXHOOK record and calls avextend with that count plus one. A count of I32MAX wraps the addition to a negative value. A...

0.00174EPSS
Exploits0References1
Rockylinux
Rockylinux
added 5 days ago6 views

gstreamer1-plugins-bad-free security update

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...

8.8CVSS6.2AI score0.0053EPSS
Exploits0
RedHat Linux
RedHat Linux
added last week7 views

gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS6AI score0.0031EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 9:17 p.m.4 views

DEBIAN-CVE-2026-58472

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

7.1CVSS6.3AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 2026/07/07 9:17 p.m.9 views

CVE-2026-58470

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS0.00247EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 5:14 p.m.3 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 12:0 a.m.5 views

ALSA-2026:33449 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : libtiff (EulerOS-SA-2026-2450)

According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile...

7.8CVSS7.1AI score0.00553EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 8:12 p.m.24 views

CVE-2026-49346 libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...

7.1CVSS0.00227EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/15 7:15 p.m.37 views

CVE-2026-52722 Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS0.0031EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:5 a.m.12 views

Important: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS6.1AI score0.00553EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.8 views

RHEL 7 : libtiff (RHSA-2026:25910)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25910 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...

7.8CVSS6AI score0.00553EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.13 views

EulerOS Virtualization 2.13.0 : libtiff (EulerOS-SA-2026-2406)

According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...

7.8CVSS5.7AI score0.00553EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.24 views

CVE-2026-7383

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

8.1CVSS0.00358EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.49 views

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

0.00358EPSS
Exploits0References6
CVE
CVE
added 2026/06/09 4:3 p.m.79 views

CVE-2026-7383

The CVE concerns OpenSSL’s ASN1 mbstring handling (functions ASN1_mbstring_copy() and ASN1_mbstring_ncopy()). A signed integer overflow in sizing the destination buffer for Unicode output can cause a heap buffer overflow, potentially crashing a process or enabling attacker-controlled code executi...

8.1CVSS6.3AI score0.00358EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.13 views

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

6.3AI score0.00358EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.17 views

RHEL 9 : php:8.2 (RHSA-2026:22143)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22143 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via...

8.8CVSS5.6AI score0.0078EPSS
Exploits1References10
Rockylinux
Rockylinux
added 2026/06/05 12:4 p.m.15 views

php8.4 security update

An update is available for php8.4. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language. PHP attempts to make it easy for...

9.1CVSS5.7AI score0.0078EPSS
Exploits1
Rows per page
Query Builder