Lucene search
K

105 matches found

OPENSUSE Linux
OPENSUSE Linux
added 20 hours ago2 views

Security update for trivy (important)

openSUSE security update: security update for trivy ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21249-1 Rating: important References: bsc1269269 bsc1269271 Cross-References: CVE-2026-54448 CVE-2026-55092 CVSS scores: CVE-2026-54448 SUSE : 6.5...

8.6CVSS6.1AI score0.00292EPSS
Exploits0References2
OSV
OSV
added 6 days ago6 views

UBUNTU-CVE-2026-20217

Fixed a bug in the PESpin unpacker cleanup path that could free pointers into the scanned file buffer and crash the scanner...

7.5CVSS5.9AI score0.00389EPSS
Exploits0References3
OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-20214

Fixed an FSG unpacker loop underflow that could write past the section array while scanning a malformed PE file...

7.5CVSS5.8AI score0.00463EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-57585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of- bounds read/crash on Unpacker reuse after a caught erro...

7.5CVSS6AI score0.00278EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 10:16 p.m.2 views

DEBIAN-CVE-2026-57585

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...

7.5CVSS5.7AI score0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 10:16 p.m.7 views

CVE-2026-57585

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...

7.5CVSS0.00278EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 10:16 p.m.3 views

UBUNTU-CVE-2026-57585

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...

7.5CVSS5.7AI score0.00278EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 9:36 p.m.25 views

CVE-2026-57585 MessagePack: Out-of-bounds read/crash on Unpacker reuse after caught error

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...

7.5CVSS0.00278EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 9:36 p.m.17 views

CVE-2026-57585

The CVE concerns MessagePack for Python (msgpack). Prior to version 1.2.1, reusing an Unpacker after a caught error can trigger an out-of-bounds read/crash, potentially causing a DoS via SEGV. A fix is available in version 1.2.1. This entry uses concrete details from the connected records (produc...

7.5CVSS5.7AI score0.00278EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 9:36 p.m.3 views

CVE-2026-57585

MessagePack is the serializer implementation for Python msgpack.org. Prior to 1.2.1, there is an Out-of-bounds read/crash on Unpacker reuse after a caught error, potentially leading to a DoS attack. If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. This...

7.5CVSS5.7AI score0.00278EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54004

Name of the Vulnerable Software and Affected Versions MessagePack versions prior to 1.2.1 Description An out-of-bounds read occurs when an Unpacker is reused after an error has been caught, which can lead to a denial of service DoS attack. If the Unpacker is used repeatedly following such an erro...

7.5CVSS5.9AI score0.00278EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 5:16 p.m.7 views

CVE-2026-54448

Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...

6.9CVSS0.0025EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 9:42 p.m.23 views

GHSA-6V7P-G79W-8964 MessagePack for Python: Out-of-bounds read / crash on Unpacker reuse after a caught error

Impact If the Unpacker is used repeatedly after an error occurs, the process may crash with a SEGV. If the Unpacker is used repeatedly to unpack untrusted input from external sources, it may be vulnerable to a DoS attack. Patches v1.2.1 Workarounds Users should create a new Unpacker instead of...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/19 9:42 p.m.11 views

Use After Free

Overview msgpack is an efficient binary serialization format. Affected versions of this package are vulnerable to Use After Free in the unpacker' when it is reused after an error has occurred. An attacker can cause a crash or denial of service by repeatedly triggering errors and reusing the same...

8.7CVSS5.8AI score0.00278EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 8:16 p.m.7 views

DEBIAN-CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

8.8CVSS6.1AI score0.0051EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/31 3:36 p.m.4 views

EUVD-2026-17494

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

6.9CVSS5.8AI score0.00405EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.8 views

PJSIP 缓冲区错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Prior to PJSIP 2.17, there was a buffer error vulnerability. This vulnerability stemmed from the VP9 RTP...

9.1CVSS6AI score0.00405EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.10 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from unaligned memory accesses in the unpacker, which could lead to a system crash...

6AI score0.00169EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-2866

Malware in sbrugna...

10CVSS6.4AI score0.01707EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-7256

Malware in sbrugna...

5.5CVSS6.9AI score0.01315EPSS
Exploits0References12
Rows per page
Query Builder