11662 matches found

Positive Technologies
added 2026/05/01 12:0 a.m., 11 views

PT-2026-36493

Name of the Vulnerable Software and Affected Versions: Open CASCADE Technology OCCT version V8 0 0 rc5. Description: A stack-based out-of-bounds read in the VRML parser occurs within the VrmlData Scene::ReadLine function. The quoted-string escape handler utilizes ptr++anOffset without adequate bound...

CVSS 5.5, AI score 5.9, EPSS 0.00098
Exploits: 0, References: 6

Vulnrichment
added 2026/05/01 12:0 a.m., 4 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

AI score 5.8, EPSS 0.00106
Exploits: 0, References: 1

EUVD
added 2026/05/01 12:0 a.m., 10 views

EUVD-2026-26599

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

CVSS 7.1, AI score 5.8, EPSS 0.00106
Exploits: 0, References: 1

Positive Technologies
added 2026/05/01 12:0 a.m., 8 views

PT-2026-36476

A heap-based out-of-bounds read vulnerability in RWObj Reader::read in the OBJ file parser in Open CASCADE Technology OCCT V8 0 0 rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs...

CVSS 7.1, AI score 5.9, EPSS 0.00104
Exploits: 0, References: 2

Positive Technologies
added 2026/05/01 12:0 a.m., 10 views

PT-2026-36475

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V8 0 0 rc5 exist in RWStl Reader::ReadAscii because buffers returned by Standard ReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

CVSS 7.1, AI score 5.8, EPSS 0.00106
Exploits: 0, References: 2

Vulnrichment
added 2026/05/01 12:0 a.m., 4 views

CVE-2026-42478

An issue discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

AI score 5.8, EPSS 0.00219
Exploits: 0, References: 1

Cvelist
added 2026/05/01 12:0 a.m., 28 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

EPSS 0.00106
Exploits: 0, References: 1

Debian CVE
added 2026/05/01 12:0 a.m., 8 views

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

CVSS 5.5, AI score 5.8, EPSS 0.00098
Exploits: 0

Debian CVE
added 2026/05/01 12:0 a.m., 4 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

CVSS 7.1, AI score 5.9, EPSS 0.00104
Exploits: 0

Debian CVE
added 2026/05/01 12:0 a.m., 5 views

CVE-2026-42478

An issue discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

CVSS 7.5, AI score 5.8, EPSS 0.00219
Exploits: 0

Debian CVE
added 2026/05/01 12:0 a.m., 7 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

CVSS 7.1, AI score 5.8, EPSS 0.00106
Exploits: 0

Debian CVE
added 2026/05/01 12:0 a.m., 5 views

CVE-2026-42480

A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr++anOffset without proper...

CVSS 5.5, AI score 5.9, EPSS 0.00098
Exploits: 0

RedHat Linux
added 2026/04/29 2:26 p.m., 10 views

Important: Red Hat Security Advisory: Red Hat Update Infrastructure 5.2 Technology Preview security update

A new set of Red Hat Update Infrastructure container images is now available as a Technology Preview in the Red Hat container registry. Technology Preview features are not fully supported, may not be functionally complete, and are not suitable for deployment in production...

CVSS 9.8, AI score 6.8, EPSS 0.01162
Exploits: 0, References: 13

Snyk
added 2026/04/28 10:0 p.m., 6 views

Malicious Package

Overview: @solana-launchpad/sdk is a malicious package. This package contains malicious code, and its content was not yet removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

CVSS 9.8, AI score 5.8
Exploits: 0, References: 2

The Hacker News
added 2026/04/28 11:58 a.m., 9 views

Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About

Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data through. Done. That assumption is wrong. It is also a major reason Zero Trust programs stall. New research my team just published puts...

AI score 5.8
Exploits: 0

NVD
added 2026/04/28 10:16 a.m., 8 views

CVE-2026-7280

AVACAST developed by eMPIA Technology has an Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrary code execution with system privileges when the AVACAST service starts...

CVSS 8.4, EPSS 0.00119
Exploits: 0, References: 2

NVD
added 2026/04/28 10:16 a.m., 8 views

CVE-2026-7279

AVACAST developed by eMPIA Technology has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL...

CVSS 8.5, EPSS 0.00114
Exploits: 0, References: 2

Cvelist
added 2026/04/28 9:46 a.m., 29 views

CVE-2026-7280 eMPIA Technology|AVACAST - Unquoted Service Path

AVACAST developed by eMPIA Technology has an Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrary code execution with system privileges when the AVACAST service starts...

CVSS 8.4, EPSS 0.00119
Exploits: 0, References: 2

Vulnrichment
added 2026/04/28 9:46 a.m., 8 views

CVE-2026-7280 eMPIA Technology|AVACAST - Unquoted Service Path

AVACAST developed by eMPIA Technology has an Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrary code execution with system privileges when the AVACAST service starts...

CVSS 8.4, AI score 6.2, EPSS 0.00119
Exploits: 0, References: 2

CVE
added 2026/04/28 9:46 a.m., 12 views

CVE-2026-7280

CVE-2026-7280 concerns AVACAST by eMPIA Technology, with an Unquoted Service Path vulnerability that enables a privileged local attacker to place a malicious executable in a targeted directory. This leads to arbitrary code execution with system privileges when the AVACAST service starts. Connecte...

CVSS 8.4, AI score 6.2, EPSS 0.00119
Exploits: 0, References: 2