Lucene search
K

119 matches found

EUVD
EUVD
added last week5 views

EUVD-2026-42333

U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfsreadlinkreply net/nfs-common.c when CONFIGCMDNFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfspathbuff buffer by returning multiple relative symlink targets that are appended witho...

8.8CVSS6.3AI score0.00438EPSS
Exploits0References3
NVD
NVD
added 2026/07/05 12:17 a.m.9 views

CVE-2026-14684

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...

4.8CVSS0.0012EPSS
Exploits0References6
OSV
OSV
added 2026/07/04 11:30 p.m.5 views

CVE-2026-14684 HdrHistogram AbstractHistogram.java memory allocation

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...

4.8CVSS5.2AI score0.0012EPSS
Exploits0References8
NVD
NVD
added 2026/06/28 5:16 a.m.12 views

CVE-2026-10644

The Microchip SERCOM-G1 UART driver drivers/serial/uartmchpsercomg1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uartrxenable is invoked with a one-byte receive buffer len == 1 and CONFIGUARTMCHPASYNC is enabled, the RX-complete...

4.2CVSS0.00148EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/28 4:2 a.m.8 views

CVE-2026-10644

The Microchip SERCOM-G1 UART driver drivers/serial/uartmchpsercomg1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uartrxenable is invoked with a one-byte receive buffer len == 1 and CONFIGUARTMCHPASYNC is enabled, the RX-complete...

4.2CVSS6.2AI score0.00148EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/06/28 4:2 a.m.21 views

CVE-2026-10644

The CVE describes an out-of-bounds write in Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c) used by the PIC32CM-JH family. When uart_rx_enable() is called with a one-byte receive buffer (len == 1) and CONFIG_UART_MCHP_ASYNC is enabled, the RX-complete ISR starts a single-be...

4.2CVSS6AI score0.00148EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/28 4:2 a.m.7 views

CVE-2026-10644 Out-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte buffer

The Microchip SERCOM-G1 UART driver drivers/serial/uartmchpsercomg1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uartrxenable is invoked with a one-byte receive buffer len == 1 and CONFIGUARTMCHPASYNC is enabled, the RX-complete...

4.2CVSS6.2AI score0.00148EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/28 4:2 a.m.40 views

CVE-2026-10644 Out-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte buffer

The Microchip SERCOM-G1 UART driver drivers/serial/uartmchpsercomg1.c, used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous DMA receive path. When uartrxenable is invoked with a one-byte receive buffer len == 1 and CONFIGUARTMCHPASYNC is enabled, the RX-complete...

4.2CVSS0.00148EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/16 9:32 p.m.11 views

EUVD-2026-37189

In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS5.6AI score0.00169EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.30 views

CVE-2026-0155

In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 3:7 p.m.8 views

GHSA-R3RC-9HPW-54V9 SwiftNIO: Out-of-bounds write via ByteBuffer index and length UInt32 overflow

Summary A program using swift-nio is vulnerable to a potential out-of-bounds write when attacker-controlled index or length values exceeding UInt32.max are passed to some ByteBuffer methods. This affects all swift-nio versions from 1.0.0 to 2.99.0. It is fixed in 2.100.0 and later releases. Detai...

8.3CVSS6AI score0.00042EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 2:42 p.m.11 views

EUVD-2026-36457

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

8.7CVSS5.5AI score0.00606EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 1:28 p.m.9 views

GHSA-C2GF-V879-257J netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion

Impact The DelegatingDecompressorFrameListener class orchestrates HTTP/2 decompression by embedding a per-stream EmbeddedChannel that runs the appropriate decompression codec gzip, deflate, zstd and forwards decompressed chunks to a wrapped listener. Each decompressed chunk is a pooled ByteBuf...

5.3CVSS5.5AI score0.00594EPSS
Exploits0References14
NVD
NVD
added 2026/06/09 8:16 a.m.16 views

CVE-2026-9698

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

9.8CVSS0.00393EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

DBI 缓冲区错误漏洞

DBI is a Perl database interface tool developed under the open-source license of perl5-dbi. Versions of DBI prior to 1.648 contained a buffer error vulnerability. This vulnerability stemmed from the lack of length limitation when error messages were written into a 200-byte buffer, which could lea...

9.8CVSS5.7AI score0.00393EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.14 views

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

8.8CVSS5.8AI score0.00254EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.18 views

Unity Linux 20.1070e Security Update: jackson-dataformats-binary (UTSA-2026-016707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016707 advisory. This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation o...

7.5CVSS6.8AI score0.03074EPSS
Exploits0References4
NVD
NVD
added 2026/05/13 7:17 p.m.16 views

CVE-2026-42583

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength up to 32 MB per block before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if...

7.5CVSS0.00429EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/05/13 6:9 p.m.4 views

CVE-2026-42583

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength up to 32 MB per block before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if...

7.5CVSS5.8AI score0.00429EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.35 views

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

0.00314EPSS
Exploits0References2
Rows per page
Query Builder