
931 matches found

CNNVD
added 2026/04/28 12:0 a.m., 11 views

Artifex Software MuPDF Buffer Error Vulnerability

Artifex Software MuPDF is a free and lightweight PDF reader developed by Artifex Software in the United States. Versions of Artifex Software MuPDF 1.28.0 and earlier contain a buffer error vulnerability. This vulnerability stems from the fz_subset_cff_for_gids function in the CFF Index Handler...

CVSS: 6.1, AI score: 6, EPSS: 0.00238
Exploits: 1, References: 1

OSV
added 2026/04/26 12:19 a.m., 5 views

OSV-2026-629 Security exception in org.apache.thrift.protocol.TProtocolUtil.skip

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=506318134
Crash type: Security exception
Crash state:
org.apache.thrift.protocol.TProtocolUtil.skip
org.apache.thrift.protocol.TCompactProtocol.readByte
org.apache.thrift.protocol.TCompactProtocol.readFieldBegin...

AI score: 5.3
Exploits: 0, References: 1

Cvelist
added 2026/04/22 2:57 p.m., 30 views

CVE-2018-25267 UltraISO 9.7.1.3519 Buffer Overflow via Output FileName

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

CVSS: 6.9, EPSS: 0.00181
Exploits: 1, References: 3

Packet Storm News
added 2026/04/11 12:0 a.m., 4 views

Automatic Teller Machines for Offline E-Cash

Electronic cash (e-cash) is a digital alternative to physical currency that allows anonymous transactions between users and merchants. Typically, coins in an e-cash scheme are only dispensed through a central bank. A drawback of this approach is that the bank is always on the critical path during...

AI score: 5.8
Exploits: 0

SUSE CVE
added 2026/03/31 11:29 p.m., 4 views

SUSE CVE-2025-66038

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 3.9, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 10

Tenable Nessus
added 2026/03/31 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2025-66038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In...

CVSS: 6.8, AI score: 5.7, EPSS: 0.00282
Exploits: 1, References: 4

RedhatCVE
added 2026/03/30 8:48 p.m., 4 views

CVE-2025-66038

A flaw was found in OpenSC, an open-source smart card tools and middleware. The sc_compacttlv_find_tag function, which searches compact-TLV (Tag-Length-Value) buffers, does not adequately verify the claimed value length against the remaining buffer size. This vulnerability allows attackers to provide...

CVSS: 6.8, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 6

OSV
added 2026/03/30 6:16 p.m., 3 views

DEBIAN-CVE-2025-66038

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 6.8, AI score: 5.8, EPSS: 0.00282
Exploits: 1, References: 1

OSV
added 2026/03/30 6:16 p.m., 3 views

UBUNTU-CVE-2025-66038

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 6.8, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 2

Debian CVE
added 2026/03/30 5:3 p.m., 4 views

CVE-2025-66038

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 6.8, AI score: 5.8, EPSS: 0.00282
Exploits: 1

Vulnrichment
added 2026/03/30 5:3 p.m., 2 views

CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 3.9, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 3

ATTACKERKB
added 2026/03/30 5:3 p.m., 2 views

CVE-2025-66038

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 3.9, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 4, Affected Software: 1

EUVD
added 2026/03/30 5:3 p.m., 3 views

EUVD-2025-209127

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 3.9, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 3

CVE
added 2026/03/30 5:3 p.m., 18 views

CVE-2025-66038

OpenSC before 0.27.0 contains a validation flaw in sc_compacttlv_find_tag: for a compact-TLV element with a single-byte header (tag high nibble, length low nibble), a buffer like {0x0A} can claim tag=0 and length=10, but the code does not verify that the claimed length fits in the remaining buffe...

CVSS: 6.8, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2026/03/30 5:3 p.m., 22 views

CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 3.9, EPSS: 0.00282
Exploits: 1, References: 3

OSV
added 2026/03/30 5:3 p.m., 4 views

CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0...

CVSS: 3.9, AI score: 5.9, EPSS: 0.00282
Exploits: 1, References: 5

Packet Storm News
added 2026/03/30 12:0 a.m., 3 views

VulnScout-C: A Lightweight Transformer for C Code Vulnerability Detection

Vulnerability detection in C programs is a critical challenge in software security. Although large language models (LLMs) achieve strong detection performance, their multi-billion-parameter scale makes them impractical for integration into development workflows requiring low latency and continuous...

AI score: 6
Exploits: 0

Fedora
added 2026/03/19 12:18 a.m., 7 views

[SECURITY] Fedora 44 Update: aqualung-2.0-6.fc44

Aqualung is an advanced music player originally targeted at the GNU/Linux operating system. It plays audio CDs, internet radio streams and podcasts as well as sound files in just about any audio format and has the feature of inserting no gaps between adjacent tracks...

CVSS: 9.1, AI score: 5.8, EPSS: 0.00419
Exploits: 0

OSV
added 2026/02/24 3:16 a.m., 6 views

DEBIAN-CVE-2026-26284

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD (Photo CD) files. The decoder contains a function that has an incorrect...

CVSS: 9.1, AI score: 7.7, EPSS: 0.00404
Exploits: 0, References: 1

CVE
added 2026/02/24 2:0 a.m., 39 views

CVE-2026-26284

CVE-2026-26284 affects ImageMagick. The vulnerability arises in the PSD/PCD data handling path where the Huffman-coded data from PCD files is processed without proper boundary checks, causing an out-of-bounds read due to an incorrect initialization in the decoder. A patch is provided for versions...

CVSS: 9.1, AI score: 5.4, EPSS: 0.00404
Exploits: 0, References: 1, Affected Software: 1