
778 matches found

CNNVD
added 2026/03/26 12:0 a.m., 7 views

Msgpack security vulnerability

Msgpack is an efficient binary serialization format developed by shamaton. It allows data to be exchanged between various languages, as JSON does, but it is faster and smaller in size. Small integers are encoded as a single byte, and typical short strings only require one additional byte beyond...

CVSS 7.5, AI score 6.5, EPSS 0.00405
Exploits 1, References 3
OSV
added 2026/03/25 11:16 a.m., 4 views

UBUNTU-CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message. When looking at the data in a USB urb, the actual_length is the size of the buffer passed to the driver, not the transfer_buffer_length which is set by the...

CVSS 5.5, AI score 5.9, EPSS 0.00123
Exploits 0, References 9
UbuntuCve
added 2026/03/25 11:16 a.m., 10 views

CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message. When looking at the data in a USB urb, the actual_length is the size of the buffer passed to the driver, not the transfer_buffer_length which is set by the...

CVSS 5.5, AI score 5.9, EPSS 0.00123
Exploits 0, References 8
EUVD
added 2026/03/22 3:31 p.m., 7 views

EUVD-2019-19940

Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 or more characters into the Name field during registration to trigger a crash wh...

CVSS 6.9, AI score 6, EPSS 0.00123
Exploits 0, References 4
EUVD
added 2026/03/19 9:30 p.m., 9 views

EUVD-2026-13168

Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving...

CVSS 8.3, AI score 6, EPSS 0.00487
Exploits 0, References 2
OSV
added 2026/03/19 9:17 p.m., 2 views

UBUNTU-CVE-2026-3549

Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving...

CVSS 9.8, AI score 6, EPSS 0.00487
Exploits 0, References 3
ATTACKERKB
added 2026/03/19 8:9 p.m., 1 views

CVE-2026-3549

Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving...

CVSS 8.3, AI score 6, EPSS 0.00487
Exploits 0, References 2
OSV
added 2026/03/18 12:59 p.m., 2 views

GHSA-H9Q6-HC68-35RP Denial of service in github.com/shamaton/msgpack

The msgpack decoder fails to properly validate the input buffer length when processing truncated fixext data format codes 0xd4-0xd8. This can lead to an out-of-bounds read and a runtime panic, allowing a denial of service attack...

CVSS 7.5, AI score 5.9, EPSS 0.00405
Exploits 1, References 6
RedHat Linux
added 2026/03/12 2:31 p.m., 2 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length...

CVSS 9.1, AI score 5.9, EPSS 0.00756
Exploits 1, References 6
RedHat Linux
added 2026/03/12 1:35 p.m., 6 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length...

CVSS 9.1, AI score 5.9, EPSS 0.00756
Exploits 1, References 6
RedHat Linux
added 2026/03/12 9:17 a.m., 4 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length...

CVSS 9.1, AI score 5.9, EPSS 0.00756
Exploits 1, References 6
RedHat Linux
added 2026/03/12 9:4 a.m., 2 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length...

CVSS 9.1, AI score 5.9, EPSS 0.00756
Exploits 1, References 6
RedHat Linux
added 2026/03/12 8:32 a.m., 5 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length...

CVSS 9.1, AI score 5.9, EPSS 0.00756
Exploits 1, References 6
RedhatCVE
added 2026/03/04 1:56 a.m., 6 views

CVE-2025-47373

Memory Corruption when accessing buffers with invalid length during TA invocation...

CVSS 7.8, AI score 5.9, EPSS 0.00071
Exploits 0, References 1
Vulnrichment
added 2026/03/02 4:53 p.m., 4 views

CVE-2025-47373 Out-of-bounds Write in Automotive

Memory Corruption when accessing buffers with invalid length during TA invocation...

CVSS 7.8, AI score 5.9, EPSS 0.00071
Exploits 0, References 1
Cvelist
added 2026/03/02 4:53 p.m., 30 views

CVE-2025-47373 Out-of-bounds Write in Automotive

Memory Corruption when accessing buffers with invalid length during TA invocation...

CVSS 7.8, EPSS 0.00071
Exploits 0, References 1
CVE
added 2026/03/02 4:53 p.m., 20 views

CVE-2025-47373

CVE-2025-47373 describes a memory corruption / out-of-bounds condition when accessing buffers with invalid length during a Trust Authority (TA) invocation in an automotive context. The CVSSv3.1 base score is 7.8 (High) with LOCAL attack vector, LOW privileges required, no user interaction, and fu...

CVSS 7.8, AI score 5.9, EPSS 0.00071
Exploits 0, References 1, Affected Software 1
OSV
added 2026/03/02 11:39 a.m., 5 views

CLSA-2026-1772451545 Fix CVE(s): CVE-2026-25897, CVE-2026-26284

SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 SECURITY UPDATE: out-of-bounds heap write on 32-bit systems -...

CVSS 9.8, AI score 7.4, EPSS 0.00404
Exploits 0, References 1
OSV
added 2026/03/02 11:32 a.m., 4 views

CLSA-2026-1772451135 Fix CVE(s): CVE-2026-25897, CVE-2026-26284

SECURITY UPDATE: out-of-bounds read vulnerability - debian/patches/CVE-2026-26284.patch: Fix incorrect loop initialization in delta decoding; prevent out-of-bounds read caused by starting table scan at invalid index. - CVE-2026-26284 SECURITY UPDATE: out-of-bounds heap write on 32-bit systems -...

CVSS 9.8, AI score 7.4, EPSS 0.00404
Exploits 0, References 1
Snyk
added 2026/02/24 1:44 a.m., 3 views

Buffer Access with Incorrect Length Value

Overview: Magick.NET-Q16-OpenMP-x64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

CVSS 9.8, AI score 5.7, EPSS 0.00461
Exploits 0, References 2