Lucene search
K

63 matches found

RedHat Linux
RedHat Linux
added 2026/06/10 7:50 a.m.11 views

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

7.8CVSS5.9AI score0.00553EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/05 3:19 p.m.54 views

CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

3.1CVSS0.00189EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/26 12:0 a.m.36 views

CVE-2026-48683

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in the NetFlow v9 data flowset processor. In src/netflowplugin/netflowv9collector.cpp, the Data template branch lines 1695-1702 iterates over flow records without performing a per-iteration bounds check agains...

0.00331EPSS
Exploits0References3
OSV
OSV
added 2026/05/09 12:33 p.m.6 views

OESA-2026-2257 krb5 security update

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Security Fixes: In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext...

5.9CVSS5.8AI score0.00461EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/14 11:25 p.m.5 views

SUSE CVE-2026-39979

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...

6.1CVSS5.9AI score0.00559EPSS
Exploits1References6
Snyk
Snyk
added 2026/02/25 7:12 p.m.6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the PDB decoder when a memory allocation fails, leading to the use of a stale pointer. An attacker can cause a crash or trigger a single zero byte write by providing specially crafted input files. Remediation A fix was...

6.3CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 2026/01/29 2:28 p.m.5 views

EUVD-2020-30906

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to cause an infinite malloc loop and potentially crash th...

8.4CVSS5.9AI score0.00411EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/26 5:54 p.m.6 views

CVE-2025-64129 Zenitel TCIV-3+ Out-of-bounds Write

Zenitel TCIV-3+ is vulnerable to an out-of-bounds write vulnerability, which could allow a remote attacker to crash the device...

7.6CVSS6.8AI score0.00403EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-16030

Malware in sbrugna...

7.5CVSS6.5AI score0.08813EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-20296

Malware in sbrugna...

9.1CVSS9.1AI score0.00912EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/09/17 8:11 a.m.5 views

mysql: InnoDB unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

4.9CVSS5.7AI score0.00559EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2025/08/26 5:11 p.m.5 views

USN-7718-1: GNU binutils vulnerability

It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash...

7.8CVSS5.6AI score0.00254EPSS
Exploits0
Snyk
Snyk
added 2025/08/05 12:0 a.m.4 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the gtlscertificateopensslgetproperty function. An attacker can access sensitive memory contents or cause a crash by triggering improper handling of return values from BIOwrite. Remediation A fix was pushed into t...

6.3CVSS6.8AI score0.00288EPSS
Exploits0References2
NVD
NVD
added 2025/06/17 3:15 p.m.7 views

CVE-2025-49175

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...

6.1CVSS0.00279EPSS
Exploits0References34
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.22 views

Linux Distros Unpatched Vulnerability : CVE-2024-41957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be...

5.3CVSS5.5AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-26953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: esp: fix bad handling of pages from pagepool When the skb is reorganized during espoutput !esp-inline, the pages coming from the original skb fragments are...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/02/27 2:7 a.m.9 views

CVE-2024-57975

In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when rundelallocnocow failed BUG With CONFIGDEBUGVM set, test case generic/476 has some chance to crash with the following VMBUGONFOLIO: BTRFS error device dm-3: cowfilerange failed, start 1146880 e...

5.5CVSS5.7AI score0.00189EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/19 12:0 a.m.42 views

AlmaLinux 8 : kernel (ALSA-2024:10943)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10943 advisory. kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in qdiscpktleninit wit...

7.8CVSS7AI score0.00352EPSS
Exploits1References11
OSV
OSV
added 2024/11/21 2:15 p.m.3 views

DEBIAN-CVE-2024-53425

A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash...

6.2CVSS6.2AI score0.00301EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/11/12 8:54 a.m.7 views

xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

7.3CVSS5.8AI score0.00513EPSS
Exploits0References4
Rows per page
Query Builder