
562 matches found

Positive Technologies
added 2026/02/09 12:0 a.m. | 9 views

PT-2026-7179

Name of the Vulnerable Software and Affected Versions: PowerDocu versions prior to 2.4.0. Description: PowerDocu, a Windows GUI executable for technical documentation, has a security issue in its JSON parsing process within Flow or App packages. The application incorrectly trusts the $type property ...

CVSS 7.8 | AI score 5.7 | EPSS 0.00274
Exploits: 1 | References: 6
Cvelist
added 2026/02/05 7:9 p.m. | 26 views

CVE-2026-1301 Out-of-bounds Write in o6 Automation GmbH Open62541

In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write beyond a heap-allocated array before authentication, reliably crashing the process and corrupting memory...

CVSS 6.8 | EPSS 0.00343
Exploits: 0 | References: 1
Tenable Nessus
added 2026/01/17 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-0897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote...

CVSS 7.6 | AI score 5.5 | EPSS 0.00299
Exploits: 3 | References: 3
RedhatCVE
added 2026/01/16 7:25 p.m. | 4 views

CVE-2026-22803

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. From 2.49.0 to 2.49.4, the experimental form remote function uses a binary data format containing a representation of submitted form data. A specially-crafted payload can cause the server to allocate...

CVSS 8.2 | AI score 6.9 | EPSS 0.00527
Exploits: 0 | References: 1
OSV
added 2026/01/16 12:0 p.m. | 4 views

OESA-2026-1135 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVSS 8.8 | AI score 6.3 | EPSS 0.00387
Exploits: 16 | References: 17
OSV
added 2026/01/16 12:0 p.m. | 2 views

OESA-2026-1133 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVSS 8.8 | AI score 6.1 | EPSS 0.00462
Exploits: 20 | References: 21
OSV
added 2026/01/16 12:0 p.m. | 4 views

OESA-2026-1131 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVSS 8.8 | AI score 6.1 | EPSS 0.00462
Exploits: 20 | References: 21
EUVD
added 2026/01/15 6:37 p.m. | 3 views

EUVD-2026-2789

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. From 2.49.0 to 2.49.4, the experimental form remote function uses a binary data format containing a representation of submitted form data. A specially-crafted payload can cause the server to allocate...

CVSS 8.2 | AI score 6.3 | EPSS 0.00527
Exploits: 0 | References: 5
ATTACKERKB
added 2026/01/15 6:37 p.m. | 4 views

CVE-2026-22803

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. From 2.49.0 to 2.49.4, the experimental form remote function uses a binary data format containing a representation of submitted form data. A specially-crafted payload can cause the server to allocate...

CVSS 8.2 | AI score 5.6 | EPSS 0.00527
Exploits: 0 | References: 4 | Affected Software: 1
Snyk
added 2026/01/15 2:52 p.m. | 4 views

Allocation of Resources Without Limits or Throttling

Overview: keras is a high-level neural networks API for Python. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in HDF5 dataset metadata validation. An attacker can cause excessive memory consumption and crash the Python...

CVSS 7.5 | AI score 5.9 | EPSS 0.00299
Exploits: 3 | References: 2
OSV
added 2026/01/15 2:16 p.m. | 12 views

UBUNTU-CVE-2026-0897

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

CVSS 7.6 | AI score 6.1 | EPSS 0.00299
Exploits: 3 | References: 3
Debian CVE
added 2026/01/15 2:9 p.m. | 5 views

CVE-2026-0897

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

CVSS 7.6 | AI score 6.6 | EPSS 0.00299
Exploits: 3
Positive Technologies
added 2026/01/15 12:0 a.m. | 7 views

PT-2026-3003

Name of the Vulnerable Software and Affected Versions: Supreme Modules Lite versions prior to 2.5.63. Description: The Supreme Modules Lite plugin for WordPress is susceptible to arbitrary file upload due to inadequate file type validation. The plugin incorrectly identifies JSON files, permitting...

CVSS 8.8 | AI score 6 | EPSS 0.00505
Exploits: 0 | References: 7
AstraLinux
added 2026/01/13 2:1 p.m. | 3 views

Astra Linux – Vulnerability in hdf5

A vulnerability classified as problematic was discovered in HDF5 1.14.6. This vulnerability affects the function H5FS__sinfo_serialize_node_cb in the file src/H5FScache.c. The exploitation of this vulnerability leads to a heap-based buffer overflow. Local access is required to carry out this attack. T...

CVSS 5.5 | AI score 5 | EPSS 0.00215
Exploits: 1 | References: 3
OSV
added 2026/01/09 2:5 p.m. | 6 views

OESA-2026-1007 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVSS 8.1 | AI score 5.6 | EPSS 0.00462
Exploits: 4 | References: 5
Packet Storm News
added 2026/01/02 12:0 a.m. | 4 views

Revotech I6032W-FHW Authentication Bypass

The Revotech I6032W-FHW IP camera firmware contains an authentication bypass vulnerability in the /cgi-bin/jvsweb.cgi endpoint. The device does not validate the user.name and user.digest fields included in JSON-based API requests, allowing unauthenticated attackers to invoke administrative method...

AI score 7.1 | EPSS 0.0047
Exploits: 2
Cvelist
added 2025/12/31 6:59 a.m. | 25 views

CVE-2025-15274 FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 8.8 | EPSS 0.00579
Exploits: 0 | References: 1
Tenable Nessus
added 2025/12/24 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-14932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NSF Unidata NetCDF-C Time Unit Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary...

CVSS 7.8 | AI score 7.6 | EPSS 0.00306
Exploits: 0 | References: 3
RedHat Linux
added 2025/12/22 12:43 a.m. | 5 views

hdf5: HDF5 heap-based overflow

A vulnerability was found in the H5C__reconstruct_cache_entry function of the H5Cimage.c file in HDF5. Input manipulation can occur, which leads to a heap-based buffer overflow. Exploitation of this vulnerability requires local system access...

CVSS 5.3 | AI score 6 | EPSS 0.00204
Exploits: 1 | References: 10
CVE
added 2025/12/19 7:10 a.m. | 11 views

CVE-2025-66496

CVE-2025-66496 is a memory corruption issue in Foxit PDF Reader’s 3D annotation handling due to insufficient bounds checking when parsing PRC data, leading to out-of-bounds access. The connected advisory notes Foxit fixed multiple vulnerabilities in Foxit PDF Reader, including memory corruption a...

CVSS 7.8 | AI score 6.6 | EPSS 0.00175
Exploits: 0 | References: 1 | Affected Software: 2