4671 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: fixed NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has a regression starting from 6.18-rc1. There is an issue in cephmdsauthmatch if fsname is NULL: c const char fsname =...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed an issue involving an untrusted unsigned subtraction operation. The following warnings from the “SMatch static checker” have also been fixed: net/rxrpc/rxgkapp.c:65 rxgkyfsdecodeticket Warning: Untrusted unsigned...
Astra Linux - vulnerability in openimageio
There is a heap-based buffer overflow vulnerability in the tile decoding code of the TIFF image parser in OpenImageIO’s master-branch-9aeece7a and v2.3.19.0. A specially crafted TIFF file can lead to out-of-bounds memory corruption, which may result in arbitrary code execution. An attacker can...
Astra Linux - vulnerability in ffmpeg5
In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, there is a potential security vulnerability due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in...
Astra Linux - vulnerability in opensc
Before version 0.20.0-rc1, OpenSC had a buffer overflow vulnerability related to accessing an ASN.1 bitstring within decodebitstring in the libopensc/asn1.c file...
Astra Linux - vulnerability in firefox, thunderbird
When attempting to load a cross-origin resource in an audio/video context, a decoding error may occur. The details of that error may contain information related to the resource. This vulnerability affects Firefox versions earlier than 86, Thunderbird versions earlier than 78.8, and Firefox ESR...
Astra Linux - vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains an unknown vulnerability through the ffhevcputhevcqpelh3v3sse function in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) attack using a specially crafted video file...
Astra Linux - vulnerability in netty
In Netty 4.1.x before 4.1.46, the ZlibDecoders allowed unbounded memory allocation when decoding Zlib-encoded byte streams. An attacker could send a large Zlib-encoded byte stream to the Netty server, forcing the server to allocate all of its available memory to a single decoder...
Astra Linux - vulnerability in libde265
An issue was discovered in libde265 v1.0.8. There is a heap-use-after-free issue in intrapred.h when decoding files using dec265...
Astra Linux - vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug was triggered within the decodesubmitreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through...
CVE-2026-32741
A flaw was found in libheif, a library for decoding and encoding HEIF (High Efficiency Image File Format) and AVIF files. A remote attacker could exploit a heap buffer overflow vulnerability in the MaskImageCodec::decodemaskimage function by providing a specially crafted HEIF file containing a mask...
Out-of-bounds Write
Overview: Affected versions of this package are vulnerable to Out-of-bounds Write through the image decoding process when handling grid tile chroma compositing. An attacker can execute arbitrary code or cause a denial of service by crafting a specially designed HEIF/AVIF file with a 1×4 grid of...
Use of Uninitialized Resource
Overview: Affected versions of this package are vulnerable to Use of Uninitialized Resource in the decoding process of grid-based HEIF or AVIF images when a corrupted tile fails to decode and the library returns a success status, resulting in uninitialized heap memory being exposed as pixel data. ...
DEBIAN-CVE-2026-32814
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false (the default), a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...
UBUNTU-CVE-2026-32814
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false (the default), a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...
UBUNTU-CVE-2026-32740
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...
CVE-2026-32741
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When decoding a HEIF file containing a mask image (mski), the function copies the full iloc extent data into a pixel buffer using memcpydst,...
Wire: skipGroup() missing negative-length check allows 10-byte payload to crash any Wire-decoding service
CVE-2026-45799 Maintainer summary Wire's protobuf group-skipping logic did not reject negative lengths before skipping a length-delimited field inside a group. A crafted protobuf payload could cause Wire to throw an unchecked runtime exception during decoding instead of the documented IOException...
EUVD-2026-30980
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false (the default), a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...