Lucene search
K

36 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 11:46 a.m.7 views

rrdtool: rrdtool: Stack buffer overflow allows local code execution or denial of service

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS6.4AI score0.00132EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/30 8:53 p.m.5 views

rrdtool: rrdtool: Stack buffer overflow allows local code execution or denial of service

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS6.4AI score0.00132EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/02 1:38 a.m.16 views

SUSE CVE-2026-43958

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7CVSS6.3AI score0.00132EPSS
Exploits0References6
NVD
NVD
added 2026/06/01 7:16 p.m.12 views

CVE-2026-43958

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS0.00132EPSS
Exploits0References5
OSV
OSV
added 2026/06/01 7:16 p.m.6 views

UBUNTU-CVE-2026-43958

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:34 p.m.12 views

CVE-2026-43958

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/01 5:34 p.m.12 views

CVE-2026-43958 Rrdtool: rrdtool: stack buffer overflow allows local code execution or denial of service

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/01 5:34 p.m.13 views

EUVD-2026-33726

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References2
CVE
CVE
added 2026/06/01 5:34 p.m.36 views

CVE-2026-43958

The CVE-2026-43958 vulnerability affects rrdcached (part of rrdtool). A local attacker with access to the rrdcached socket can trigger a stack-based buffer overflow by sending an oversized CREATE request, leading to denial of service or potential arbitrary code execution, compromising data integr...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/01 5:34 p.m.13 views

CVE-2026-43958

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary...

7.8CVSS6.3AI score0.00132EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.17 views

PT-2026-45520

Name of the Vulnerable Software and Affected Versions rrdcached affected versions not specified Description A stack-based buffer overflow exists in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can trigger this issue by sending an oversized 'CREATE' request...

7.8CVSS6.4AI score0.00132EPSS
Exploits0References19
RedhatCVE
RedhatCVE
added 2026/03/04 1:57 a.m.5 views

CVE-2026-0035

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

8.4CVSS6.1AI score0.00103EPSS
Exploits0References1
OSV
OSV
added 2026/03/02 7:16 p.m.8 views

CVE-2026-0035

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

8.4CVSS5.9AI score0.00103EPSS
Exploits0References1
CVE
CVE
added 2026/03/02 6:42 p.m.29 views

CVE-2026-0035

CVE-2026-0035 affects the Android MediaProvider component. In MediaProvider.java's createRequest, a logic error can allow an app to gain read/write access to non-existent files, enabling local privilege escalation without extra execution privileges or user interaction. This vulnerability is docum...

8.4CVSS6.1AI score0.00103EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/02 6:42 p.m.30 views

CVE-2026-0035

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/02 6:42 p.m.3 views

CVE-2026-0035

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

6.1AI score0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/02 6:42 p.m.8 views

EUVD-2026-9248

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

8.4CVSS6.1AI score0.00103EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/01 12:0 a.m.5 views

Open5GS 安全漏洞

Open5GS is an Open5GS open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.6 and earlier, which stems from an incorrect operation of the function sgwcs11handlecreatesessionrequest in the file...

5.5CVSS4.2AI score0.00167EPSS
Exploits1References7
Veracode
Veracode
added 2025/12/08 10:15 a.m.11 views

Server-Side Request Forgery (SSRF)

@angular/ssr is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper URL resolution in the createRequestUrl function that treats paths beginning with // or \ as schema-relative URLs, which allows an attacker to override the intended base URL and force the server to...

8.7CVSS7AI score0.00406EPSS
Exploits1References3Affected Software1
Snyk
Snyk
added 2025/10/16 7:42 p.m.9 views

Server-side Request Forgery (SSRF)

Overview @angular/ssr is a the Angular server side rendering utilities. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the createRequestUrl function. An attacker can cause the server to make arbitrary HTTP requests to external domains by supplying a...

8.7CVSS7.1AI score0.00406EPSS
Exploits1References2
Rows per page
Query Builder