Lucene search
K

4231 matches found

Redos
Redos
added 2026/04/01 12:0 a.m.6 views

ROS-20260401-73-0014

A vulnerability in the pngimagefinishread function of the pngimagefinishread library for handling bitmap graphics in the PNG libpng format is related to writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by loading a...

7.1CVSS6.3AI score0.00224EPSS
Exploits4
Redos
Redos
added 2026/04/01 12:0 a.m.7 views

ROS-20260401-73-0012

A vulnerability in the pngimagefinishread function of the pngimagefinishread library for handling bitmap graphics in the PNG libpng format is related to writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by loading a...

7.1CVSS6.3AI score0.00224EPSS
Exploits4
NVD
NVD
added 2026/03/30 3:16 p.m.6 views

CVE-2026-5164

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS0.00112EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/30 3:2 p.m.3 views

CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS6AI score0.00112EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/30 3:2 p.m.1 views

CVE-2026-5164

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS6AI score0.00112EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/30 3:2 p.m.20 views

CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS0.00112EPSS
Exploits0References3
CVE
CVE
added 2026/03/30 3:2 p.m.17 views

CVE-2026-5164

The CVE-2026-5164 entry describes a vulnerability in virtio-win where the RhelDoUnMap() function fails to properly validate the number of descriptors in an unmap request. This input validation flaw can be exploited by a local user who supplies an excessive number of descriptors, potentially causi...

6.7CVSS6AI score0.00112EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2026/03/30 3:2 p.m.3 views

CVE-2026-5164

A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...

6.7CVSS5.9AI score0.00112EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.4 views

PT-2026-29035

Name of the Vulnerable Software and Affected Versions virtio-win affected versions not specified Description A flaw exists in virtio-win where the RhelDoUnMap function inadequately validates the number of descriptors supplied by a user during an unmap request. A local user could exploit this inpu...

6.7CVSS6AI score0.00112EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-5164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A loca...

6.7CVSS6AI score0.00112EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.6 views

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1481)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1481 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals a...

8.4CVSS5.8AI score0.00201EPSS
Exploits2References4
Debian CVE
Debian CVE
added 2026/03/26 7:57 p.m.4 views

CVE-2026-33536

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds...

5.1CVSS5.5AI score0.00128EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.5 views

CVE-2026-30006

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

6.2CVSS5.8AI score0.00158EPSS
Exploits1References1
OSV
OSV
added 2026/03/25 6:4 p.m.2 views

SUSE-SU-2026:1045-1 Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.293 fixes various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer bsc1257118. - CVE-2025-68285: libceph: fix potential use-after-free ...

5.5CVSS6.7AI score0.00197EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/24 1:34 a.m.3 views

CVE-2026-33307

Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...

7.5CVSS6AI score0.00342EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/23 6:30 p.m.3 views

EUVD-2026-14467

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

6.2CVSS5.8AI score0.00158EPSS
Exploits1References3
NVD
NVD
added 2026/03/23 5:16 p.m.6 views

CVE-2026-30006

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

6.2CVSS0.00158EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/23 12:0 a.m.7 views

CVE-2026-30006

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

5.8AI score0.00158EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/23 12:0 a.m.4 views

PT-2026-27148

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

6.2CVSS5.8AI score0.00158EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/23 12:0 a.m.21 views

CVE-2026-30006

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

0.00158EPSS
Exploits1References2
Rows per page
Query Builder