Lucene search
K

61 matches found

NVD
NVD
added 2026/06/30 1:19 p.m.14 views

CVE-2026-58011

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the gdatetimegetymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the gdatetimeaddfull function is processed. This flaw can corrupt the date output and potentially cause logic errors...

7.5CVSS0.00344EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/06/30 12:57 p.m.47 views

CVE-2026-58010 Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()

A flaw was found in GLib. An off-by-one error can occur in the gvstupleisnormal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses instead of =, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information...

6.5CVSS0.00322EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 12:57 p.m.5 views

CVE-2026-58010

A flaw was found in GLib. An off-by-one error can occur in the gvstupleisnormal function in the glib/gvariant-serialiser.c file when doing an alignment padding check because the bounds check uses instead of =, causing an out-of-bounds read of only 1 byte. This issue can cause a minor information...

6.5CVSS5.8AI score0.00322EPSS
Exploits1References4
NVD
NVD
added 2026/06/23 9:16 p.m.7 views

CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS0.00119EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 9:26 p.m.31 views

CVE-2026-45358 ImageMagick: Out-of-Bounds Read of a single byte in meta encoder

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bounds read of a single byte in the meta encoder. This issue has been patched in versions 6.9.13-47...

5.3CVSS0.0024EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/08 1:35 p.m.11 views

CVE-2026-48112

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...

6.5CVSS5.7AI score0.00267EPSS
Exploits1References2
Mageia
Mageia
added 2026/05/29 5:12 a.m.16 views

Updated perl-IO-Compress package fixes security vulnerabilities

The updated package fixes security vulnerabilities: IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. CVE-2025-15649 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in...

7.8CVSS6.2AI score0.00373EPSS
Exploits3References5
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.13 views

SUSE CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.9 views

UBUNTU-CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/27 1:20 p.m.50 views

CVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.1CVSS0.0013EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/27 1:20 p.m.15 views

EUVD-2026-32500

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.1CVSS5.9AI score0.0013EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/27 1:20 p.m.10 views

CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/27 1:20 p.m.18 views

CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 4:16 a.m.10 views

UBUNTU-CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

7.5CVSS5.7AI score0.00373EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/27 2:29 a.m.8 views

CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

5.7AI score0.00373EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 2:29 a.m.13 views

CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

5.7AI score0.00373EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 2:29 a.m.87 views

CVE-2026-48959 IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

0.00373EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43972

Name of the Vulnerable Software and Affected Versions libusb versions prior to 1.0.30 Description A one-byte out-of-bounds read exists in the parse iad array function within descriptor.c. This occurs when a malformed USB descriptor is supplied where the bLength equals the size minus one, causing...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in tar

GNU Tar version 1.34 has a one-byte out-of-bounds read operation, which allows for the use of uninitialized memory in a conditional jump. Exploitation to change the control flow of the program has not been demonstrated. The issue occurs in the fromheader section of the list.c file, due to a V7...

5.5CVSS6.7AI score0.04524EPSS
Exploits1References2
OSV
OSV
added 2026/05/18 5:48 p.m.6 views

GHSA-CR6R-HMJ8-PR7R ImageMagick: Out-of-Bounds Read of a single byte in meta encoder

An of by one in the meta encoder could result in an out of bounds read of a single byte in the meta encoder...

5.3CVSS5.8AI score0.0024EPSS
Exploits0References3
Rows per page
Query Builder