Lucene search
+L

190 matches found

osv
osv
added last week2 views

DEBIAN-CVE-2026-59857

Vim is an open source, command line text editor. Prior to 9.2.0725, the single-byte branch of spellsoundfoldsal in src/spell.c translates a word through a spell file's SAL sound-folding rules into a caller-owned result buffer, but its result writes are guarded with reslen MAXWLEN, allowing reslen...

5.5CVSS6.1AI score0.00107EPSS
Exploits0References1
euvd
euvd
added 2026/07/06 8:25 p.m.4 views

EUVD-2026-25014

printenv: environment variables with invalid UTF-8 are silently skipped evades inspection...

4.4CVSS5.9AI score0.0017EPSS
Exploits1References6
susecve
susecve
added 2026/07/01 3:35 a.m.5 views

SUSE CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.00231EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/29 4:31 p.m.43 views

CVE-2026-12912 Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS0.00231EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/06/29 4:31 p.m.7 views

CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...

7.3CVSS6.7AI score0.00231EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/29 12:0 a.m.14 views

PT-2026-53316

Name of the Vulnerable Software and Affected Versions libtiff affected versions not specified Description A heap-based buffer overflow exists in the PixarLog decoder. A remote attacker can trigger this issue by providing a specially crafted PixarLog-compressed TIFF image. The flaw occurs during t...

7.3CVSS6.6AI score0.00231EPSS
Exploits0References15
redhat
redhat
added 2026/06/23 10:46 p.m.16 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.1AI score0.00585EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/05/26 12:0 a.m.17 views

PT-2026-43310

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description An integer overflow exists in the BGP AS PATH attribute encoder. The IPv4UnicastAnnounce::get attributes function calculates the attribute length and stores it in a uint8 t fiel...

9.8CVSS5.7AI score0.00308EPSS
Exploits0References19
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in openimageio

There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...

8.1CVSS8AI score0.01962EPSS
Exploits1References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in openimageio

There are multiple memory corruption vulnerabilities in the IFFOutput alignment padding functionality of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger...

8.1CVSS8.9AI score0.01845EPSS
Exploits1References2
cvelist
cvelist
added 2026/05/13 2:37 p.m.61 views

CVE-2026-44288 protobufjs: Overlong UTF-8 decoding

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs includes a minimal UTF-8 decoder that accepted overlong UTF-8 byte sequences and decoded them to their canonical characters instead of replacing them. An attacker who can provide protobuf...

5.3CVSS0.00301EPSS
Exploits0References1
redhat
redhat
added 2026/05/06 4:58 p.m.8 views

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

7.6CVSS6.3AI score0.00585EPSS
Exploits0References7
cvelist
cvelist
added 2026/04/30 12:0 a.m.67 views

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

3.7CVSS0.00246EPSS
Exploits0References4
susecve
susecve
added 2026/04/23 1:24 a.m.6 views

SUSE CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

5.3CVSS5.8AI score0.00242EPSS
Exploits0References3
redhat
redhat
added 2026/04/22 3:44 p.m.9 views

libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read

A flaw was found in libpng, a reference library for processing PNG Portable Network Graphics image files. A local attacker could exploit a heap buffer over-read vulnerability in the pngimagefinishread function by tricking a user into processing a specially crafted interlaced 16-bit PNG file with ...

7.1CVSS5.9AI score0.00172EPSS
Exploits1References8
euvd
euvd
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24947

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

5.3CVSS5.8AI score0.00242EPSS
Exploits0References2
osv
osv
added 2026/04/22 2:16 p.m.3 views

DEBIAN-CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

6.5CVSS5.2AI score0.00242EPSS
Exploits0References1
osv
osv
added 2026/04/22 2:16 p.m.6 views

UBUNTU-CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/04/22 2:0 p.m.4 views

CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

5.3CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/04/22 2:0 p.m.5 views

CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

6.5CVSS5.2AI score0.00242EPSS
Exploits0
Rows per page
Query Builder