Lucene search
K

4252 matches found

Nuclei
Nuclei
added yesterday132 views

Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun

Netgear RAX43 version 1.0.3.96 contains a command injection and authentication bypass vulnerability. The readycloudcontrol.cgi CGI application is vulnerable to command injection in the name parameter. Additionally, the URL parsing functionality in the cgi-bin endpoint of the router containers a...

8.8CVSS7AI score0.0853EPSS
Exploits0References5
Mageia
Mageia
added 6 days ago4 views

Updated openvpn packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Possible 1-byte buffer overrun on NTLMv2 proxy responses. CVE-2026-11771 Memory-leak in tls-crypt-v2 client key handling that could lead to out-of-memory situations and subsequent server crashes. CVE-2026-12932 Use-after-free bug in ackwritebuf,...

7.5CVSS7.3AI score0.00549EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 6 days ago5 views

gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow

A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...

7.6CVSS6.4AI score0.0031EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/27 1:52 a.m.7 views

SUSE CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

8.1CVSS5.9AI score0.00103EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 11:11 p.m.4 views

GHSA-44CP-C3WW-9RV5 ImageMagick has a Heap Buffer Over-Write in SF3 encoder when writing multi-frame image

An crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder...

6.2CVSS5.9AI score0.00112EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 7:23 a.m.2 views

OPENSUSE-SU-2026:21062-1 Security update for capnproto

This update for capnproto fixes the following issues: Update to version 1.4.0. Security issues fixed: - CVE-2026-32239: negative Content-Length conversion treated as impossibly large length by KJ-HTTP can lead to HTTP smuggling bsc1259638. - CVE-2026-32240: integer overflow when KJ-HTTP...

6.5CVSS6AI score0.00207EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:43 p.m.6 views

CVE-2026-54679

A flaw was found in jq, a command-line JSON processor. On 32-bit systems, a local attacker could exploit an integer overflow vulnerability in the jvpstringappend function. This could lead to a massive buffer overrun, resulting in a denial of service DoS condition. Mitigation Mitigation for this...

6.9CVSS5.8AI score0.00103EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 p.m.3 views

DEBIAN-CVE-2026-6681

The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...

5.3CVSS5.9AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.9 views

CVE-2026-53016

A flaw was found in the Linux kernel's cryptographic coprocessor CCP driver. When processing AFALG rfc3686-ctr-aes-ccp requests, the ccpaescomplete function attempts to restore more data than the allocated buffer for the Initialization Vector IV can hold. This leads to a buffer overrun, which can...

7.8CVSS6.1AI score0.00132EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 6:16 p.m.13 views

CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS0.00103EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 5:16 p.m.22 views

CVE-2026-54679 jq: potential integer overflow in jvp_string_append

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS0.00103EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/25 5:16 p.m.8 views

CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS6AI score0.00103EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 5:16 p.m.33 views

CVE-2026-54679

CVE-2026-54679 affects the jq tool prior to version 1.8.2 on 32-bit systems. The vulnerability is in jvp_string_append where an integer overflow could trigger a massive buffer overrun, with a local attack vector and potential high impact on availability as described in the CVE. The issue is fixed...

6.9CVSS6AI score0.00103EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hciadvbcastannoucement prepends the Broadcast Announcement service...

7.8CVSS0.00138EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hciadvbcastannoucement prepends the Broadcast Announcement service...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53209 Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hciadvbcastannoucement prepends the Broadcast Announcement service...

7.8CVSS0.00138EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hciadvbcastannoucement prepends the Broadcast Announcement service...

6AI score0.00138EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39300

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hciadvbcastannoucement prepends the Broadcast Announcement service...

6AI score0.00138EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.3 views

The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the drivers/crypto/ccp/sev-dev.c module of the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.1CVSS6.3AI score0.00126EPSS
Exploits0References11Affected Software3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.11 views

PT-2026-52519

Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description On 32-bit systems, the jvp string append function is susceptible to integer or multiplication overflow, which can lead to a significant buffer overrun. A buffer overrun occurs when a program writes more...

6.9CVSS5.9AI score0.00103EPSS
Exploits0References7
Rows per page
Query Builder