818 matches found
PT-2026-38571
Name of the Vulnerable Software and Affected Versions OSGeo gdal versions prior to 3.13.0RC1 Description A weakness in the GDfieldinfo function within the frmts/hdf4/hdf-eos/GDapi.c file can lead to an out-of-bounds read, which occurs when a program reads data past the end of the intended buffer...
OSGeo gdal 缓冲区错误漏洞
OSGeo GDAL is an open-source geospatial raster and vector data processing library developed by OSGeo. OSGeo GDAL versions 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from the operation of the parameter DimensionName in the function SWnentries within the...
PT-2026-38555
Name of the Vulnerable Software and Affected Versions OSGeo gdal versions prior to 3.13.0RC1 Description An issue exists in the HDF-EOS Grid File Handler component within the memmove function of the frmts/hdf4/hdf-eos/SWapi.c file. This flaw allows for an out-of-bounds read, which occurs when the...
CVE-2026-8084
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...
Linux Distros Unpatched Vulnerability : CVE-2026-8084
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the...
VulnCheck KEV: CVE-2026-7473
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...
Security Advisory 0137
Security Advisory 0137 PDF Date: May 5, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 5, 2026 | Initial release 1.1 | May 7, 2026 | Clarified 7280R3, 7500R3 and 7800R3 exposure is limited 1.2 | May 13, 2026 | Updated Mitigation section with a note of caution 1.3 | May 20, 2026 | Updated...
SUSE CVE-2026-40333
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...
CVE-2026-40341
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...
CVE-2026-40333
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...
CVE-2026-40341 libgphoto2 has an OOB Read in ptp_unpack_EOS_FocusInfoEx
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...
CVE-2026-40333 libgphoto2 has OOB read in ptp_unpack_EOS_ImageFormat() and ptp_unpack_EOS_CustomFuncEx() due to missing length parameter in ptp-pack.c
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...
CVE-2026-40333
Libgphoto2 (up to v2.5.33) suffers an out‑of‑bounds read in camlibs/ptp2/ptp-pack.c: ptp_unpack_EOS_ImageFormat() and ptp_unpack_EOS_CustomFuncEx() read data without a length check due to a missing parameter, with callers in ptp_unpack_EOS_events() not passing xsize. This unbounded read can lead ...
CVE-2026-40333 libgphoto2 has OOB read in ptp_unpack_EOS_ImageFormat() and ptp_unpack_EOS_CustomFuncEx() due to missing length parameter in ptp-pack.c
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...
PT-2026-33523
Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34 Description Two functions in camlibs/ptp2/ptp-pack.c accept a data pointer without a length parameter, leading to unbounded reads. The calling function ptp unpack EOS events possesses the xsize variable but...
Security Advisory 0135
Security Advisory 0135 PDF Date: April 7, 2026 Revision | Date | Changes ---|---|--- 1.0 | April 7th, 2026 | Initial release 1.1 | April 28th, 2026 | Correction to fixed releases fixed in 4.32.10, not 4.32.9 The CVE-ID tracking this issue: CVE-2025-31133 CVSSv3.1 Base Score: 7.8/10...
Security Advisory 0134
Security Advisory 0134 PDF Date: February 17, 2026 Revision | Date | Changes ---|---|--- 1.0 | February 17, 2026 | Initial release The CVE-ID tracking this issue: CVE-2026-2379 CVSSv3.1 Base Score: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Common Weakness Enumeration: CWE-672: Operation on...
CVE-2022-26300
EOS v2.1.0 was discovered to contain a heap-buffer-overflow via the function txntestgenplugin...
CVE-2019-18948
An issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding of VxLAN packets. This issue is found in Arista’s EOS VxLAN code, which can allow attackers to crash the VxlanSwFwd agent. This affects EOS 4.21.8M and below releases in the 4.21.x train, 4.22.3M a...
Arista Networks EOS Buffer Overflow (SA0132)
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic. Note that Nessus has...