Lucene search
+L

7 matches found

osv
osv
added 2026/06/25 8:38 a.m.3 views

CVE-2026-53132 vsock/virtio: fix potential unbounded skb queue

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References7
euvd
euvd
added 2025/12/19 3:31 p.m.6 views

EUVD-2025-204533

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormDatacontentType =...

5.3CVSS6.2AI score0.00367EPSS
Exploits1References4
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-26789

Malicious code in bioql PyPI...

6.3AI score0.00164EPSS
Exploits0References9
redhat
redhat
added 2023/03/23 11:18 a.m.4 views

Mozilla: Potential out-of-bounds when accessing throttled streams

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable...

6.5CVSS7.3AI score0.0061EPSS
Exploits0References6
redhat
redhat
added 2023/03/20 9:39 a.m.5 views

Mozilla: Potential out-of-bounds when accessing throttled streams

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable...

6.5CVSS7.3AI score0.0061EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2019/08/18 7:15 p.m.20 views

CVE-2019-15145

DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack application crash via an out-of-bounds read by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::getdirectcontext in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h...

5.5CVSS6.3AI score0.01573EPSS
Exploits1References2
cvelist
cvelist
added 2019/08/18 6:30 p.m.29 views

CVE-2019-15145

DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack application crash via an out-of-bounds read by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::getdirectcontext in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h...

5.5AI score0.01573EPSS
Exploits1References14
Rows per page
Query Builder