Lucene search
K

53 matches found

EUVD
EUVD
added 2026/06/25 9:25 p.m.8 views

EUVD-2026-38382

MessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte length...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 10:16 p.m.11 views

CVE-2026-48514

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...

7.5CVSS0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.18 views

PT-2026-51398

Name of the Vulnerable Software and Affected Versions MessagePack for C versions prior to 2.5.301 MessagePack for C versions prior to 3.1.7 Description The UnsafeBlitFormatterBase.Deserialize function reads an attacker-controlled byteLength from an extension payload and allocates an array based o...

7.5CVSS5.9AI score0.00231EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

Several issues were addressed by disabling array allocation sinking. This issue has been fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, and visionOS 26.1. Processing maliciously crafted web content may result in an unexpected process crash...

4.3CVSS6.6AI score0.0059EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.15 views

SUSE CVE-2026-42440

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field fro...

7.5CVSS6AI score0.00627EPSS
Exploits0References3
OSV
OSV
added 2026/05/04 5:16 p.m.5 views

UBUNTU-CVE-2026-42440

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field fro...

7.5CVSS5.9AI score0.00627EPSS
Exploits0References5
OSV
OSV
added 2026/05/04 4:40 p.m.1 views

CVE-2026-42440 Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...

7.5CVSS6AI score0.00627EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/04 4:40 p.m.39 views

CVE-2026-42440 Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...

0.00627EPSS
Exploits0References1
OSV
OSV
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-317

HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FLarrmalloc in H5FL.c called from H5Ssetextentsimple in H5S.c...

9.1CVSS8.2AI score0.00987EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/12/16 3:57 p.m.7 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.50.3. Security issues fixed: CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of-bounds read and an integer underflow bsc1254208...

8.8CVSS7.1AI score0.03955EPSS
Exploits1References72
OSV
OSV
added 2025/12/09 7:12 p.m.6 views

MGASA-2025-0325 Updated webkit2 packages fix security vulnerabilities

A website may be able to exfiltrate sensitive system information. Description: The issue was addressed through improved state checks - CVE-2025-13947. Processing maliciously crafted web content may lead to an unexpected process crash. Description: Multiple issues were addressed by disabling array...

8.8CVSS6.6AI score0.0059EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/11/25 12:25 a.m.7 views

SUSE CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS6.5AI score0.0059EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/11/05 2:14 a.m.6 views

CVE-2025-43421

A flaw was found in WebKitGTK. Processing malicious web content can cause multiple issues in the JIT compiler and result in an unexpected process crash. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4...

8.8CVSS6.2AI score0.0059EPSS
Exploits0References3
OSV
OSV
added 2025/11/04 2:15 a.m.3 views

DEBIAN-CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3CVSS6.1AI score0.0059EPSS
Exploits0References1
OSV
OSV
added 2025/11/04 2:15 a.m.3 views

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3CVSS5.8AI score
Exploits0References4
NVD
NVD
added 2025/11/04 2:15 a.m.6 views

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3CVSS0.0059EPSS
Exploits0References4
OSV
OSV
added 2025/11/04 2:15 a.m.3 views

UBUNTU-CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3CVSS6.6AI score0.0059EPSS
Exploits0References4
CVE
CVE
added 2025/11/04 1:17 a.m.34 views

CVE-2025-43421

CVE-2025-43421 affects WebKitGTK/WebKit2GTK (webkitgtk2/webkitgtk4) and is caused by issues around processing maliciously crafted web content that can lead to an unexpected process crash due to memory handling/array allocation sinking. Multiple advisories confirm the flaw and reference fixes in W...

4.3CVSS6.6AI score0.0059EPSS
Exploits0References4Affected Software4
Cvelist
Cvelist
added 2025/11/04 1:17 a.m.12 views

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

0.0059EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/11/04 1:17 a.m.4 views

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

4.3CVSS6.1AI score0.0059EPSS
Exploits0
Rows per page
Query Builder