Lucene search
+L

73 matches found

RedHat Linux
RedHat Linux
added 2026/06/29 9:25 p.m.10 views

glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width

A flaw was found in glibc GNU C Library. This vulnerability occurs when an application uses the scanf family of functions with a %mc format specifier, which is used for dynamically allocating memory for character input, and provides an explicit width greater than 1024. This specific combination c...

9.8CVSS5.9AI score0.00502EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.10 views

CVE-2026-56115

A flaw was found in dhcpcd. This vulnerability allows an unauthenticated attacker on the same network link to trigger a one-byte stack out-of-bounds write. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can corrupt adjacent stack memory. This can le...

8.8CVSS5.8AI score0.00307EPSS
Exploits1References5
OSV
OSV
added 2026/06/23 5:17 p.m.3 views

UBUNTU-CVE-2026-56115

Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the JWTMiddleware function in internal/auth/auth.go, which validates JWT tokens and account status but...

8.8CVSS5.8AI score0.00307EPSS
Exploits1References2
OSV
OSV
added 2026/05/26 12:0 a.m.2 views

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

9.8CVSS6.7AI score0.00677EPSS
Exploits1References5
Anthropic
Anthropic
added 2026/05/20 1:20 a.m.22 views

ANT-2026-6615Y595 · wolfSSL · Heap Buffer Overflow

heap-buffer-overflow medium CVE-2026-5448 Severity Claude medium · Security research firm medium · Maintainer - REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Calif. ANT-2026-6615Y595: Final Assessment: 2-Byte Heap Overflow in wolfSSLX509notAfter /...

4.3CVSS5.9AI score0.00122EPSS
Exploits0
EUVD
EUVD
added 2026/04/20 9:31 p.m.7 views

EUVD-2026-23978

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

6.1AI score0.00502EPSS
Exploits1References3
OSV
OSV
added 2026/04/20 8:55 p.m.3 views

CVE-2026-5450 scanf %mc off-by-one heap buffer overflow

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

9.8CVSS6.3AI score0.00502EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/09 11:18 p.m.34 views

CVE-2026-5448 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore

X.509 date buffer overflow in wolfSSLX509notAfter / wolfSSLX509notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS...

2.3CVSS0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.7 views

CVE-2026-28520

arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...

8.6CVSS6.4AI score0.00193EPSS
Exploits0References1
NVD
NVD
added 2026/03/16 2:19 p.m.11 views

CVE-2026-28520

arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...

8.6CVSS0.00193EPSS
Exploits0References3
OSV
OSV
added 2026/03/15 1:35 p.m.8 views

CVE-2026-28520 arduino-TuyaOpen WiFiMulti Single-Byte Buffer Overflow Remote Code Execution

arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...

8.6CVSS6.6AI score0.00193EPSS
Exploits0References5
OSV
OSV
added 2026/01/05 10:52 a.m.8 views

SUSE-SU-2026:0018-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. - CVE-2025-14087: buffer underflow in the GVariant parser...

9.8CVSS7.8AI score0.00767EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.5 views

EulerOS Virtualization 2.13.1 : libarchive (EulerOS-SA-2025-2548)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdta...

7.8CVSS6.7AI score0.00341EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2025/11/27 6:54 a.m.12 views

CVE-2025-64330

A flaw was found in Suricata. This vulnerability allows a denial of service DoS via a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records, requiring the per packet alert queue to be filled with alerts followed by a pass rule...

7.5CVSS6.5AI score0.00327EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/22 10:31 p.m.5 views

CVE-2025-64503

A flaw was found in cups-filters. This vulnerability allows an out-of-bounds write via a crafted Portable Document Format PDF file with a large MediaBox value...

4CVSS6.2AI score0.00208EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-11979

Malware in sbrugna...

7.8CVSS7.5AI score0.00658EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-5180

Malware in sbrugna...

9.8CVSS9.3AI score0.02211EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/16 12:0 a.m.6 views

EulerOS 2.0 SP13 : libarchive (EulerOS-SA-2025-2145)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially...

7.8CVSS6.7AI score0.00341EPSS
Exploits2References5
Microsoft CVE
Microsoft CVE
added 2025/09/04 1:14 a.m.10 views

HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow

...

7.8CVSS7AI score0.00373EPSS
Exploits1
OSV
OSV
added 2025/08/20 11:55 a.m.4 views

SUSE-SU-2025:20563-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2025-32988: Fixed double-free due to incorrect ownership handling bsc1246232 - CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing bsc1246233 - CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates...

8.2CVSS6.8AI score0.01185EPSS
Exploits0References9
Rows per page
Query Builder