Lucene search
K

524 matches found

Snyk
Snyk
added 2026/07/06 8:42 p.m.6 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the FontFile.compile process. An attacker can cause excessive memory allocation by providing a specially crafted font file that triggers uncontrolled resource consumption during image...

8.7CVSS6AI score0.00361EPSS
Exploits1References2
OSV
OSV
added 2026/07/04 11:16 p.m.3 views

UBUNTU-CVE-2026-14683

A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results...

4.8CVSS5.4AI score0.00118EPSS
Exploits0References9
Snyk
Snyk
added 2026/07/01 9:19 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.9CVSS6AI score0.00241EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.7 views

PT-2026-54644

Name of the Vulnerable Software and Affected Versions PulseAudio affected versions not specified Description The PulseAudio protocol server contains multiple unbounded alloca calls. The alloca function allocates memory on the stack, and when these calls are unbounded, they can lead to stack...

5.5CVSS5.8AI score0.001EPSS
Exploits0References11
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/18 1:17 p.m.8 views

Security Bulletin: Oracle Outside In Technology (OIT) v8.5.7 BP9, v8.5.8 BP2 vulnerabilities CVE-2025-54874 (vulnerable), CVE-2025-59375 (vulnerable) in FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing

Summary Oracle Outside In Technology OIT v8.5.7 BP9, v8.5.8 BP2 January, 2026 vulnerabilities CVE-2025-54874 vulnerable, CVE-2025-59375 vulnerable in FileNet Content Manager FNCM Content Based Retrieval CBR content indexing Vulnerability Details CVEID:CVE-2025-54874 DESCRIPTION: OpenJPEG is an...

9.8CVSS6.6AI score0.01279EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.13 views

openSUSE 16 Security Update : grafana (openSUSE-SU-2026:20940-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20940-1 advisory. Changes in grafana: - CVE-2026-39821: Fix validation bypass and privilege escalation by updating golang.org/x/net to version 0.55.0 bsc1266600 -...

9.6CVSS7.5AI score0.01929EPSS
Exploits1References72
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

FreeBSD : FreeBSD -- Multiple vulnerabilities in OpenSSL (a57fe2c1-6476-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a57fe2c1-6476-11f1-958d-bc241121aa0a advisory. Multiple issues have been reported as part of this advisory with different issues affecting...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47365

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs in the mpfs-ccc clock driver during the registration of the last two outputs. This happens because the hws array is allocated space for two PLLs and their...

9.8CVSS5.4AI score0.00457EPSS
Exploits0References79
Oracle linux
Oracle linux
added 2026/06/05 12:0 a.m.11 views

ImageMagick security update

6.9.10.68-7.0.11 - Fix CVE-2026-32636 Orabug: 39375225 6.9.10.68-7.0.9 - Fix CVE-2026-28691 and CVE-2026-28693 Orabug: 39174244 6.9.10.68-7.0.7 - Fixes Local File Disclosure via Path Traversal CVE-2026-25965 Orabug: 39118995 - Fixes Memory allocation with excessive without limits in the internal...

7.5CVSS5.4AI score0.00475EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libraw

LibRaw before 0.20-RC1 lacks a check for the thumbnail size range. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength is used without validating T.tlength...

7.5CVSS6.7AI score0.03672EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/05 9:42 a.m.11 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/image-v0.18.0 which is vulnerable to CVE-2026-33809

Summary IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/image-v0.18.0 which is vulnerable to CVE-2026-33809, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33809 DESCRIPTION: A maliciously craft...

5.3CVSS5.8AI score0.00328EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/30 5:36 a.m.17 views

CVE-2026-6533 Improperly Controlled Sequential Memory Allocation in Wireshark

Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00146EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.3 views

Amazon Linux 2023 : mesa-dri-drivers, mesa-filesystem, mesa-libd3d (ALAS2023-2026-1623)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1623 advisory. In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca...

9.8CVSS5.8AI score0.00427EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

RHEL 10 : wireshark (RHSA-2026:9666)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9666 advisory. The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network. Security...

7.5CVSS5.8AI score0.00184EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2026/04/17 6:54 p.m.2 views

cpython: Out-of-memory when loading Plist

A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations...

5.5CVSS6.4AI score0.00193EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/04/11 8:3 a.m.10 views

OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)

...

7.5CVSS5.8AI score0.00435EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/04/07 2:43 p.m.5 views

CVE-2026-35480

go-ipld-prime is an implementation of the InterPlanetary Linked Data IPLD spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Prior to 0.22.0, the DAG-CBOR decoder uses collection sizes declared in CBOR headers a...

6.2CVSS5.9AI score0.00156EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 3:31 p.m.11 views

Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-47907 DESCRIPTION: Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned...

7.5CVSS7.2AI score0.00585EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/26 7:35 a.m.11 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.63 packages and security update

Red Hat OpenShift Container Platform release 4.14.63 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References2
CVE
CVE
added 2026/03/19 5:14 p.m.19 views

CVE-2026-26940

The CVE concerns Kibana’s Timelion visualization plugin, where improper validation of a specified quantity (input) by an authenticated user can cause a Denial of Service through excessive allocation. The underlying issue is validated quantity handling leading to overwriting internal series data p...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder