Lucene search
K

1403 matches found

Nuclei
Nuclei
added 7 hours ago73 views

Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite

A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...

9.8CVSS7.6AI score0.53113EPSS
Exploits1
OSV
OSV
added 4 days ago5 views

GHSA-QRWJ-VH9X-GW5V Coder's workspace agent API insecure redirect handling allowed cross-agent file read and write

Summary agentConn.apiClient used the default redirect behavior of http.Client while its custom transport dialed the host from the request URL as long as the port was the workspace agent HTTP API port 4. Agent tailnet IPs are deterministic from agent UUIDs, so a malicious workspace agent could...

8.3CVSS6.2AI score
Exploits0References3
NVD
NVD
added 2026/07/03 12:16 a.m.9 views

CVE-2026-8247

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary code. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025.1 up to and...

7.7CVSS0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 5:47 p.m.8 views

EUVD-2022-46603

Open Babel has out-of-bounds write in MOL2 attribute/value parser...

8.1CVSS7.1AI score0.00796EPSS
Exploits1References5
EUVD
EUVD
added 2026/07/01 5:46 p.m.4 views

EUVD-2022-46468

Open Babel has out-of-bounds write in PQS coordfile parser...

9.8CVSS6.8AI score0.00843EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/07/01 9:0 a.m.5 views

kernel: dlm: validate length in dlm_search_rsb_tree

A flaw was found in the Linux kernel's Distributed Lock Manager dlm module. An attacker could send specially crafted network messages with an oversized length parameter to the dlmdumprsbname function. This lack of validation can lead to an out-of-bounds write in the dlmsearchrsbtree function,...

9.8CVSS6.4AI score0.00426EPSS
Exploits0References5
OSV
OSV
added 2026/07/01 4:16 a.m.3 views

UBUNTU-CVE-2026-14191

An out-of-bounds heap write exists in the RAR5 recovery-volume .rev parser in WinRAR and UnRAR RecVolumes5::ReadHeader in recvol5.cpp. The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated again...

7.8CVSS7.4AI score0.1308EPSS
Exploits2References4
EUVD
EUVD
added 2026/06/25 8:46 p.m.6 views

EUVD-2026-39562

The qrscp application's C-STORE handler uses a specific instance from attacker-supplied DICOM datasets directly in os.path.join without sanitization, allowing file writes to arbitrary paths...

9.1CVSS6AI score0.00434EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 7:16 p.m.6 views

UBUNTU-CVE-2026-56786

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields. An attacker controlling an NTRIP or serial RTCM3 correction stream c...

9.8CVSS6.5AI score0.00422EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/25 6:11 p.m.22 views

CVE-2026-56786 RTKLIB 2.4.3 - Out-of-bounds Write in decode_type1033 via Crafted RTCM3 Message

RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size, allowing up to 191-byte overflow into fixed 64-byte descriptor fields. An attacker controlling an NTRIP or serial RTCM3 correction stream c...

9.8CVSS0.00422EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/22 4:4 a.m.8 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

7.8CVSS5.8AI score0.00321EPSS
Exploits10References6
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Out-of-bounds Write (CVE-2026-1489)

A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds write...

5.4CVSS6.1AI score0.00325EPSS
Exploits1References3
CVE
CVE
added 2026/06/17 5:25 p.m.17 views

CVE-2026-2674

This CVE-2026-2674 describes an out-of-bounds write in RTI Connext Professional components (Queueing Service, Core Libraries, Persistence Service). Affected versions include Connext Professional 7.4.0–7.6.x (before 7.7.0), 7.0.0–7.3.1.3, and 6.1.x (before 6.1.*). The root cause is an out-of-bound...

8.1CVSS5.2AI score0.0018EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/16 9:32 p.m.11 views

EUVD-2026-37180

In mfccoregetdecmetadataseinal of mfccoreregapi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS6.2AI score0.00277EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 8:16 p.m.17 views

CVE-2026-0153

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00068EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.31 views

CVE-2026-0146

In mfccoregetdecmetadataseinal of mfccoreregapi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00277EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-49066

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.63.6 Description An issue exists where the software fails to properly normalize file paths when creating zip or tar archives on Linux hosts. Specifically, the getFiles function uses filepath.ToSlash, which does...

6.8CVSS6AI score0.00189EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.13 views

Adobe Substance 3D Sampler <= 6.0.0 Multiple Arbitrary Code Execution Vulnerabilities (APSB26-60)

The version of Adobe Substance 3D Sampler installed on the remote host is prior or equal to 6.0.0. It is, therefore, affected by multiple out-of-bounds write vulnerabilities as referenced in the APSB26-60 advisory. - Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bound...

7.8CVSS6.2AI score0.00144EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/11 6:6 p.m.10 views

CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS5.2AI score0.00206EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.12 views

CVE-2026-48306

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.00141EPSS
Exploits0References1
Rows per page
Query Builder