Lucene search
K

46 matches found

EUVD
EUVD
added 2026/06/27 9:25 a.m.11 views

EUVD-2026-39960

The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...

6AI score0.00107EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/27 9:25 a.m.36 views

CVE-2026-49416 Integer overflow in vt(4) CONS_HISTORY ioctl

The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...

0.00107EPSS
Exploits0References1
CVE
CVE
added 2026/06/27 9:25 a.m.41 views

CVE-2026-49416

The CVE-2026-49416 issue affects FreeBSD vt(4) CONS_HISTORY: the ioctl handler validates the requested history size, but large values trigger an integer overflow in the buffer size calculation, causing a smaller heap allocation and an out-of-bounds write on initialization. This can enable an unpr...

7.8CVSS6AI score0.00107EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.13 views

PT-2026-53065

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The CONS HISTORY ioctl handler fails to properly validate the requested history size. Providing a large value leads to an integer overflow during the buffer size...

7.8CVSS5.9AI score0.00107EPSS
Exploits0References8
FreeBSD Advisory
FreeBSD Advisory
added 2026/06/09 12:0 a.m.17 views

FreeBSD-SA-26:34.vt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:34.vt Security Advisory The FreeBSD Project Topic: Integer overflow in vt4 CONSHISTORY ioctl Category: core Module: vt Announced: 2026-06-09 Credits: Ed Mast...

7.8CVSS6AI score0.00107EPSS
Exploits0
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.6 views

FreeBSD -- Integer overflow in vt(4) CONS_HISTORY ioctl

Problem Description: The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of...

7.8CVSS5.7AI score0.00107EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/25 5:40 p.m.35 views

LiquidJS: memoryLimit Bypass through Negative Range Values Leads to Process Crash

Summary LiquidJS's memoryLimit security mechanism can be completely bypassed by using reverse range expressions e.g., 100000000..1, allowing an attacker to allocate unlimited memory. Combined with a string flattening operation e.g., replace filter, this causes a V8 Fatal error that crashes the...

7.5CVSS6.1AI score0.00398EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12166

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00471EPSS
Exploits2References1
OSV
OSV
added 2025/07/22 1:50 a.m.2 views

MAL-2025-6186 Malicious code in nf-cons-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e638446c9e65c64ab2f4781b57b182ae1de4c1da746270215e07e09992fc954e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/22 1:50 a.m.4 views

Malicious code in nf-cons-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e638446c9e65c64ab2f4781b57b182ae1de4c1da746270215e07e09992fc954e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/06/06 2:25 a.m.3 views

SUSE CVE-2025-5641

A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function rconsisbreaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local...

2.5CVSS2.8AI score0.00186EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2025/06/06 2:25 a.m.4 views

SUSE CVE-2025-5643

A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this vulnerability is the function consstackload in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The...

2.5CVSS2.8AI score0.00192EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/06/05 12:0 a.m.6 views

Radare2 缓冲区错误漏洞

Radare2 is a Libre reverse framework for Unix geeks open-sourced by Radare. A buffer error vulnerability exists in Radare2 version 5.9.9, which stems from the mishandling of the parameter -T by the function consstackload in the component radare2, which could lead to memory corruption...

2.5CVSS4.2AI score0.00192EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/06/05 12:0 a.m.9 views

PT-2025-23901 · Radare2 · Radare2

Name of the Vulnerable Software and Affected Versions: Radare2 version 5.9.9 Description: A problematic vulnerability was found in the function cons stack load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack must...

2.5CVSS3.4AI score0.00192EPSS
Exploits1References15
RedhatCVE
RedhatCVE
added 2025/05/23 9:17 a.m.6 views

CVE-2024-30556

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9...

6.5CVSS8.6AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:45 a.m.4 views

CVE-2023-0065

The i2 Pros & Cons WordPress plugin through 1.3.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS4.4AI score0.00471EPSS
Exploits2References1
HackRead
HackRead
added 2024/08/05 12:17 p.m.10 views

The Pros and Cons of Bitcoin

Bitcoin, the first and most popular cryptocurrency, offers high potential returns but comes with high volatility and a…...

7.3AI score
Exploits0
NVD
NVD
added 2024/03/31 8:15 p.m.22 views

CVE-2024-30556

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9...

6.5CVSS6.4AI score0.00331EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/31 7:46 p.m.12 views

CVE-2024-30556 WordPress Mighty Classic Pros And Cons plugin <= 2.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9...

6.5CVSS6.7AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2024/03/31 7:46 p.m.66 views

CVE-2024-30556

Technical details beyond the initial description for CVE-2024-30556 are not present in the connected documents. The vulnerability is described as Stored XSS in Mighty Classic Pros And Cons plugin; no further product/version specifics or patch info are provided here. Monitor for updates.

6.5CVSS8.6AI score0.00331EPSS
Exploits0References1
Rows per page
Query Builder