Lucene search
K

656 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/02 7:12 a.m.8 views

CVE-2026-33592

An unauthenticated remote attacker can exhaust server memory via the FindServers Discovery Service in open62541. The serverUris field of FindServersRequest is not validated for length or array size. An attacker can declare an arbitrarily large string up to 3.9 GB delivered across intermediate...

7.5CVSS5.8AI score0.00388EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/26 12:4 a.m.7 views

EUVD-2026-39599

A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...

3.8CVSS5.8AI score0.00094EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/15 8:23 p.m.12 views

python-multipart: Negative Content-Length in parse_form buffers the entire body in memory

Summary parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded into memory in a single read instead of in fixed-size chunks. Details...

3.7CVSS5.5AI score0.00217EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/13 2:16 a.m.10 views

SUSE CVE-2026-53702

A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...

6.5CVSS5.6AI score0.00228EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 7:16 p.m.6 views

DEBIAN-CVE-2026-53702

A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...

6.5CVSS5.7AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/11 6:15 p.m.9 views

EUVD-2026-36295

A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...

6.5CVSS5.7AI score0.00228EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 6:15 p.m.22 views

CVE-2026-53702

The issue CVE-2026-53702 affects the GStreamer H.265 codec parser library (gst-plugins-bad). During buffering period SEI parsing, the loop bound is derived from cpb_cnt_minus1[i] instead of cpb_cnt_minus1[0] from the referenced Sequence Parameter Set, causing writes beyond stack-allocated CPB del...

6.5CVSS5.8AI score0.00228EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 6:15 p.m.9 views

CVE-2026-53702 Gstreamer1-plugins-bad-free: gstreamer: stack buffer overflow in h.265 buffering period sei parser

A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...

6.5CVSS5.7AI score0.00228EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 6:15 p.m.37 views

CVE-2026-53702 Gstreamer1-plugins-bad-free: gstreamer: stack buffer overflow in h.265 buffering period sei parser

A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses an incorrect loop bound derived from cpbcntminus1i the loop index instead of the sub-layer 0 CPB count cpbcntminus10 from the referenced...

6.5CVSS0.00228EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.20 views

PT-2026-48725

Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description A stack buffer overflow exists in the GStreamer H.265 codec parser library gst-plugins-bad. The issue occurs when parsing a buffering period SEI message, where the parser utilizes an...

6.5CVSS5.6AI score0.00228EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-46332

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may recei...

6.4CVSS5.6AI score0.00193EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 11:17 p.m.14 views

CVE-2026-9749

This issue can occur when running an aggregation pipeline that uses the internal $exchange stage configured with key-range partitioning and order-preserving delivery. If a single key range produces enough documents to fill its exchange buffer that is, many results are routed to the same consumer,...

7.1CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 2:16 p.m.18 views

CVE-2026-46332

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may recei...

8CVSS0.00193EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 2:16 p.m.12 views

UBUNTU-CVE-2026-46332

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may recei...

8CVSS5.4AI score0.00193EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/09 12:36 p.m.9 views

CVE-2026-46332

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may recei...

8CVSS5.5AI score0.00193EPSS
Exploits0
CVE
CVE
added 2026/06/09 12:36 p.m.30 views

CVE-2026-46332

The CVE-2026-46332 issue affects the Linux kernel Greybus subsystem (gb-beagleplay) where cc1352_bootloader_rx() appends serdev data into a fixed rx_buffer without validating the chunk size against remaining space. This can allow an overflow when multiple packets arrive in one callback, leading t...

8CVSS5.6AI score0.00193EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/09 12:36 p.m.3 views

CVE-2026-46332 greybus: gb-beagleplay: bound bootloader receive buffering

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may recei...

8CVSS5.9AI score0.00193EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-47789

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow exists in the greybus gb-beagleplay component. The cc1352 bootloader rx function appends serdev chunks into a fixed rx buffer before parsing bootloader packets. Because...

9.8CVSS5.6AI score0.93235EPSS
Exploits31References335
NVD
NVD
added 2026/06/08 3:16 p.m.13 views

CVE-2026-43973

Uncontrolled Resource Consumption vulnerability in ninenines gun gunhttp module allows a malicious server to exhaust client memory via unbounded HTTP/1.1 response buffering. In gunhttp:handle/5, three clauses accumulate incoming TCP data into the connection's buffer field using binary concatenati...

8.7CVSS0.00381EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 2:12 p.m.47 views

CVE-2026-43973 gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion

Uncontrolled Resource Consumption vulnerability in ninenines gun gunhttp module allows a malicious server to exhaust client memory via unbounded HTTP/1.1 response buffering. In gunhttp:handle/5, three clauses accumulate incoming TCP data into the connection's buffer field using binary concatenati...

8.7CVSS0.00381EPSS
Exploits0References3
Rows per page
Query Builder