1704 matches found
UBUNTU-CVE-2026-6094
Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...
CVE-2026-6094
Heap buffer overread in wcPKCS7DecodeEnvelopedData when parsing crafted PKCS7 EnvelopedData. This could theoretically be triggered by attacker-supplied data delivered via S/MIME or CMS...
Astra Linux – Vulnerability in libvirt
A “off-by-one” error flaw was discovered in the udevListInterfacesByStatus function in libvirt, where the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a...
Astra Linux – Vulnerability in netcdf
A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmldecode performs incorrect memory handling during the parsing of crafted XML files, resulting in a heap out-of-bounds read...
PT-2026-50550
Name of the Vulnerable Software and Affected Versions CakePHP versions prior to 4.5.11 CakePHP versions 4.6.0 through 4.6.3 CakePHP versions 5.0.0 through 5.1.6 CakePHP versions 5.2.0 through 5.2.12 CakePHP versions 5.3.0 through 5.3.5 Description The getElementFileName function in the View class...
HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups
A flaw was found in HP Linux Imaging and Printing Software HPLIP. An integer overflow in the hpcups processing path when handling crafted print data may lead to arbitrary code execution or privilege escalation on the affected system...
Allocation of Resources Without Limits or Throttling
Overview protobufjs is a protocol buffer for JavaScript & TypeScript. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling during binary decoding. An attacker can cause excessive memory usage by supplying crafted protobuf binary data containing...
SUSE CVE-2026-11822
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...
CVE-2026-11604
An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...
UBUNTU-CVE-2026-11822
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...
CVE-2026-11822 SQLite before 3.53.2 Memory Corruption in FTS5 Extension
SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...
CVE-2026-11822
SQLite before 3.53.2 is affected by memory corruption in the FTS5 extension. A crafted database with malformed FTS5 page data can trigger an out-of-bounds read in fts5LeafSeek via an attacker-controlled loop bound and a heap buffer overflow write in fts5ChunkIterate via a crafted continuation pag...
SQLite 安全漏洞
SQLite is a lightweight database developed under the open-source SQLite project. It is an ACID-compliant relational database management system. There was a security vulnerability in versions of SQLite prior to 3.53.2. This vulnerability stemmed from a heap buffer overflow issue in the FTS5...
GPAC MP4Box 资源管理错误漏洞
GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a resource management...
UBUNTU-CVE-2026-50589
In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...
OpenStack Ironic 安全漏洞
OpenStack Ironic is an integrated OpenStack software. It is used to configure bare machines rather than virtual machines. There were security vulnerabilities in versions 32 to 37.0.0 of OpenStack Ironic. These vulnerabilities stemmed from unverified malicious users being able to submit specially...
CVE-2025-60495
A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...
Linux Distros Unpatched Vulnerability : CVE-2025-60495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of...
CVE-2025-60495
A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...
DEBIAN-CVE-2025-60495
A segmentation violation in the gfmediagetcolorinfo function /mediatools/isomtools.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted data file...