Lucene search
K

57 matches found

cnnvd
cnnvd
added 2026/05/07 12:0 a.m.10 views

GDAL 缓冲区错误漏洞

GDAL is an open-source geospatial data abstraction library developed by GDAL. Versions of GDAL 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from a function in the file frmts/hdf4/hdf-eos/GDapi.c called GDfieldinfo, which may lead to out-of-bounds read...

5.5CVSS6AI score0.00246EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/05/07 12:0 a.m.15 views

OSGeo gdal 缓冲区错误漏洞

OSGeo GDAL is an open-source geospatial raster and vector data processing library developed by OSGeo. OSGeo GDAL versions 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from a function called memmove in the frmts/hdf4/hdf-eos/SWapi.c file, which is part of...

5.5CVSS6AI score0.00264EPSS
Exploits1References2
ubuntucve
ubuntucve
added 2026/05/07 12:0 a.m.8 views

CVE-2026-8084

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...

5.5CVSS5.4AI score0.00264EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/05/07 12:0 a.m.18 views

PT-2026-38559

Name of the Vulnerable Software and Affected Versions OSGeo gdal versions prior to 3.13.0RC1 Description A heap-based buffer overflow occurs in the GDnentries function within the frmts/hdf4/hdf-eos/GDapi.c file. This issue is triggered by manipulating the DataFieldName argument and requires the...

7.8CVSS6.2AI score0.00223EPSS
Exploits1References12
osv
osv
added 2026/04/29 1:21 p.m.7 views

JLSEC-2026-300

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...

8.8CVSS8.5AI score0.00944EPSS
Exploits0References2
ibm
ibm
added 2026/04/17 1:4 p.m.5 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the form-data libary

Summary Due to use of the form-data library, DevOps Test Performance and Rational Performance Tester contain a potential HTTP Parameter Pollution HPP vulnerability CVE-2025-7783. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data...

9.4CVSS6.7AI score0.01735EPSS
Exploits1Affected Software1
ubuntucve
ubuntucve
added 2026/03/24 4:17 a.m.5 views

CVE-2026-4738

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal frmts/zlib/contrib/infback9 modules. This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0...

9.4CVSS5.8AI score0.00276EPSS
Exploits0References2
ibm
ibm
added 2025/12/17 9:58 a.m.6 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Insufficient Random Values (CVE-2025-7783)

Summary Due to the use of the form-data JavaScript library, IBM watsonx Orchestrate Developer Edition is vulnerable to predictable boundary values CVE-2025-7783 Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP...

9.4CVSS6.7AI score0.01735EPSS
Exploits1Affected Software1
ibm
ibm
added 2025/09/29 7:31 a.m.7 views

Security Bulletin: IBM Event Processing is vulnerable to HTTP Parameter Pollution (HPP) attack (CVE-2025-7783).

Summary IBM Event Processing is vulnerable to an HTTP Parameter Pollution HPP attack due to the use of random values in the form-data module. This vulnerability affects how data from HTML forms is processed, particularly during form submission or when interacting with event listeners tied to form...

9.4CVSS6.6AI score0.01735EPSS
Exploits1Affected Software1
ibm
ibm
added 2025/09/23 9:2 p.m.10 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2025.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 24.0.0-IF006, 24.0.1-IF004 and 25.0.0-IF001. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random...

9.4CVSS6.6AI score0.01735EPSS
Exploits2Affected Software2
nessus
nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-9151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VMmemcpyvv in H5VM.c when called from H5Dcompactreadvv ...

8.8CVSS7.1AI score0.01599EPSS
Exploits1References3
nessus
nessus
added 2025/08/24 12:0 a.m.1 views

FreeBSD : p5-Catalyst-Authentication-Credential-HTTP -- Insecure source of randomness (c323bab5-80dd-11f0-97c4-40b034429ecf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c323bab5-80dd-11f0-97c4-40b034429ecf advisory. perl-catalyst project reports: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier fo...

8.6CVSS5.5AI score0.00412EPSS
Exploits0References3
osv
osv
added 2025/08/14 6:52 p.m.3 views

MAL-2025-25465 Malicious code in LMX-Data (npm)

The package LMX-Data was found to contain malicious code...

7.2AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.2 views

MAL-2025-19826 Malicious code in eslint-config-data-ui (npm)

The package eslint-config-data-ui was found to contain malicious code...

7.2AI score
Exploits0
cve
cve
added 2025/08/11 8:19 p.m.33 views

CVE-2025-40920

CVE-2025-40920 affects Catalyst::Authentication::Credential::HTTP (Perl) up to version 1.018, where nonces are generated via Data::UUID, which uses a non-cryptographic source and yields v3 UUIDs. Fedora advisories (FEDORA-2025-6df5ab0b98 and FEDORA-2025-d72429a1f8) indicate the patch upgrades the...

8.6CVSS6AI score0.00412EPSS
Exploits0References7
freebsd
freebsd
added 2025/08/11 12:0 a.m.4 views

p5-Catalyst-Authentication-Credential-HTTP -- Insecure source of randomness

perl-catalyst project reports: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known...

8.6CVSS6.2AI score0.00412EPSS
Exploits0References1
osv
osv
added 2025/07/18 5:15 p.m.8 views

AZL-65610 CVE-2025-7783 affecting package js-jquery 3.5.0-4

Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with program files lib/formdata.Js. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3...

9.4CVSS6.7AI score0.01735EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2025/01/01 12:0 a.m.4 views

PT-2025-32585

Name of the Vulnerable Software and Affected Versions: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier Description: The software generates nonces using the Perl Data::UUID library, which does not employ a strong cryptographic source for UUID generation. Data::UUID returns v3...

8.6CVSS6.1AI score0.00412EPSS
Exploits0References20
osv
osv
added 2024/05/14 3:38 p.m.6 views

AZL-40580 CVE-2024-33875 affecting package hdf5 for versions less than 1.14.4.3-1

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5Olayoutencode in H5Olayout.c, resulting in the corruption of the instruction pointer...

5.7CVSS7.5AI score0.00227EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/05/10 12:0 a.m.3 views

HDF Group HDF5 安全漏洞

HDF Group HDF5 is a suite of tools for managing and storing different types of data from the American company HDF Group. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A security vulnerability exists in HDF5 Library version 1.14.3...

7.4CVSS7.4AI score0.00245EPSS
Exploits0References3
Rows per page
Query Builder