Lucene search
K

253631 matches found

RedHat Linux
RedHat Linux
added 2026/05/07 5:9 p.m.12 views

pyOpenSSL: DTLS cookie callback buffer overflow

A flaw was found in pyOpenSSL. The setcookiegeneratecallback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a...

9.8CVSS6AI score0.00704EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/07 3:57 p.m.9 views

freeipmi: buffer overflows on response messages via ipmi-oem

A flaw was found in FreeIPMI. The ipmi-oem program is used to send Intelligent Platform Management Interface IPMI OEM commands for specific hardware vendors to retrieve specific information from the hardware. A malicious server can reply with crafted response messages and cause buffer overflows...

7.5CVSS5.9AI score0.00403EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/07 3:57 p.m.7 views

Moderate: Red Hat Security Advisory: freeipmi security update

An update for freeipmi is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS6AI score0.00403EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 3:3 p.m.8 views

JLSEC-2026-462

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

6.3CVSS6AI score0.00351EPSS
Exploits0References4
OSV
OSV
added 2026/05/07 2:50 p.m.7 views

JLSEC-2026-457

FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfntinitface...

9.8CVSS6AI score0.02636EPSS
Exploits1References14
OSV
OSV
added 2026/05/07 2:27 p.m.7 views

JLSEC-2026-455 Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer...

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

9.8CVSS7.5AI score0.06274EPSS
Exploits1References22
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.9 views

Chromium: CVE-2026-7900 Heap buffer overflow in ANGLE

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.8AI score0.00227EPSS
Exploits0
OSV
OSV
added 2026/05/07 1:55 p.m.6 views

SUSE-SU-2026:1755-1 Security update for freeipmi

This update for freeipmi fixes the following issue: - CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses bsc1260414...

7.5CVSS5.9AI score0.00403EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/05/07 1:54 p.m.6 views

Security update for freeipmi

This update for freeipmi fixes the following issue: CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses bsc1260414. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

7.6CVSS5.9AI score0.00403EPSS
Exploits0References4
OSV
OSV
added 2026/05/07 1:54 p.m.2 views

SUSE-SU-2026:1754-1 Security update for freeipmi

This update for freeipmi fixes the following issue: - CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses bsc1260414...

7.5CVSS5.9AI score0.00403EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 1:33 p.m.9 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring and Dashboard operands are vulnerable to loss of confidentiality (CVE-2026-39892, CVE-2026-34073) and arbitrary code execution (CVE-2026-40087)

Summary IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality CVE-2026-39892, CVE-2026-34073. Dashboard operands that use the App Connect Enterprise Agent are vulnerable to arbitrary code execution...

9.8CVSS6.3AI score0.00652EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 1:22 p.m.9 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.wh which is vulnerable to CVE-2026-34073

Summary IBM Maximo Scheduler Optimizer uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.wh which is vulnerable to CVE-2026-34073. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package...

9.8CVSS5.9AI score0.00652EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/05/07 12:0 p.m.7 views

CLSA-2026-1777883924 nginx: Fix of CVE-2026-27654

CVE-2026-27654: fix heap buffer overflow in ngxhttpdavmodule COPY/MOVE with alias...

8.8CVSS6AI score0.21621EPSS
Exploits0References1
OSV
OSV
added 2026/05/07 8:39 a.m.6 views

BIT-DOTNET-SDK-2026-32203 .NET and Visual Studio Denial of Service Vulnerability

Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network...

7.5CVSS6AI score0.01553EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 8:39 a.m.7 views

BIT-DOTNET-2026-32203 .NET and Visual Studio Denial of Service Vulnerability

Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network...

7.5CVSS6AI score0.01553EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 8:38 a.m.6 views

BIT-APACHE-2026-28780 Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to modproxyajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This issue...

9.8CVSS5.8AI score0.01325EPSS
Exploits0References3
Mageia
Mageia
added 2026/05/07 5:6 a.m.14 views

Updated nginx packages fix security vulnerabilities

Buffer overflow in ngxhttpdavmodule CVE-2026-27654 Buffer overflow in the ngxhttpmp4module CVE-2026-27784 Buffer overflow in the ngxhttpmp4module CVE-2026-32647 NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651 Injection in authhttp and XCLIENT CVE-2026-28753 OCSP result bypass...

8.8CVSS7.5AI score0.21621EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.7 views

OSGeo gdal 缓冲区错误漏洞

OSGeo GDAL is an open-source geospatial raster and vector data processing library developed by OSGeo. OSGeo GDAL versions 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from the operation of the parameter DimensionName in the function SWnentries within the...

7.8CVSS6.4AI score0.00237EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2026/05/07 12:0 a.m.75 views

telnetd 2.7 - Buffer Overflow

Exploit Title: telnetd 2.7 - Buffer Overflow Google Dork: N/A Date: 2026-04-03 Exploit Author: Jeff Barron jeffaf Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils/ Version: inetutils-telnetd through 2.7 patch pending in next release Tested...

9.8CVSS7.5AI score0.23674EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.10 views

RHEL 9 : nginx (RHSA-2026:14836)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14836 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

8.8CVSS6.1AI score0.21621EPSS
Exploits0References10
Rows per page
Query Builder