Lucene search
K

818 matches found

Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.14 views

PT-2026-38571

Name of the Vulnerable Software and Affected Versions OSGeo gdal versions prior to 3.13.0RC1 Description A weakness in the GDfieldinfo function within the frmts/hdf4/hdf-eos/GDapi.c file can lead to an out-of-bounds read, which occurs when a program reads data past the end of the intended buffer...

5.5CVSS5.7AI score0.00246EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.10 views

OSGeo gdal 缓冲区错误漏洞

OSGeo GDAL is an open-source geospatial raster and vector data processing library developed by OSGeo. OSGeo GDAL versions 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from the operation of the parameter DimensionName in the function SWnentries within the...

7.8CVSS6.4AI score0.00237EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.15 views

PT-2026-38555

Name of the Vulnerable Software and Affected Versions OSGeo gdal versions prior to 3.13.0RC1 Description An issue exists in the HDF-EOS Grid File Handler component within the memmove function of the frmts/hdf4/hdf-eos/SWapi.c file. This flaw allows for an out-of-bounds read, which occurs when the...

5.5CVSS5.8AI score0.00264EPSS
Exploits1References13
UbuntuCve
UbuntuCve
added 2026/05/07 12:0 a.m.8 views

CVE-2026-8084

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...

5.5CVSS5.4AI score0.00264EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-8084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the...

5.5CVSS4.9AI score0.00264EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2026/05/05 12:0 a.m.18 views

VulnCheck KEV: CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

6.9CVSS5.4AI score0.00836EPSS
In wildExploits1References4
Arista
Arista
added 2026/05/05 12:0 a.m.33 views

Security Advisory 0137

Security Advisory 0137 PDF Date: May 5, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 5, 2026 | Initial release 1.1 | May 7, 2026 | Clarified 7280R3, 7500R3 and 7800R3 exposure is limited 1.2 | May 13, 2026 | Updated Mitigation section with a note of caution 1.3 | May 20, 2026 | Updated...

6.9CVSS5.7AI score0.00836EPSS
Exploits1Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/22 1:36 a.m.12 views

SUSE CVE-2026-40333

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...

6.1CVSS5.9AI score0.00218EPSS
Exploits0References3
NVD
NVD
added 2026/04/18 12:16 a.m.9 views

CVE-2026-40341

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...

3.5CVSS0.00187EPSS
Exploits0References2
NVD
NVD
added 2026/04/18 12:16 a.m.8 views

CVE-2026-40333

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...

6.1CVSS0.00218EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 11:48 p.m.35 views

CVE-2026-40341 libgphoto2 has an OOB Read in ptp_unpack_EOS_FocusInfoEx

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...

3.5CVSS0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 11:11 p.m.35 views

CVE-2026-40333 libgphoto2 has OOB read in ptp_unpack_EOS_ImageFormat() and ptp_unpack_EOS_CustomFuncEx() due to missing length parameter in ptp-pack.c

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...

6.1CVSS0.00218EPSS
Exploits0References2
CVE
CVE
added 2026/04/17 11:11 p.m.20 views

CVE-2026-40333

Libgphoto2 (up to v2.5.33) suffers an out‑of‑bounds read in camlibs/ptp2/ptp-pack.c: ptp_unpack_EOS_ImageFormat() and ptp_unpack_EOS_CustomFuncEx() read data without a length check due to a missing parameter, with callers in ptp_unpack_EOS_events() not passing xsize. This unbounded read can lead ...

6.1CVSS5.9AI score0.00218EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/17 11:11 p.m.6 views

CVE-2026-40333 libgphoto2 has OOB read in ptp_unpack_EOS_ImageFormat() and ptp_unpack_EOS_CustomFuncEx() due to missing length parameter in ptp-pack.c

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...

6.1CVSS5.9AI score0.00218EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.13 views

PT-2026-33523

Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34 Description Two functions in camlibs/ptp2/ptp-pack.c accept a data pointer without a length parameter, leading to unbounded reads. The calling function ptp unpack EOS events possesses the xsize variable but...

6.1CVSS5.9AI score0.00218EPSS
Exploits0References19
Arista
Arista
added 2026/04/07 12:0 a.m.32 views

Security Advisory 0135

Security Advisory 0135 PDF Date: April 7, 2026 Revision | Date | Changes ---|---|--- 1.0 | April 7th, 2026 | Initial release 1.1 | April 28th, 2026 | Correction to fixed releases fixed in 4.32.10, not 4.32.9 The CVE-ID tracking this issue: CVE-2025-31133 CVSSv3.1 Base Score: 7.8/10...

8.4CVSS7.1AI score0.0067EPSS
Exploits4
Arista
Arista
added 2026/02/17 12:0 a.m.32 views

Security Advisory 0134

Security Advisory 0134 PDF Date: February 17, 2026 Revision | Date | Changes ---|---|--- 1.0 | February 17, 2026 | Initial release The CVE-ID tracking this issue: CVE-2026-2379 CVSSv3.1 Base Score: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Common Weakness Enumeration: CWE-672: Operation on...

8.2CVSS5.4AI score0.00226EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.8 views

CVE-2022-26300

EOS v2.1.0 was discovered to contain a heap-buffer-overflow via the function txntestgenplugin...

7.5CVSS7.3AI score0.01178EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:17 a.m.6 views

CVE-2019-18948

An issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding of VxLAN packets. This issue is found in Arista’s EOS VxLAN code, which can allow attackers to crash the VxlanSwFwd agent. This affects EOS 4.21.8M and below releases in the 4.21.x train, 4.22.3M a...

7.5CVSS7AI score0.01044EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.4 views

Arista Networks EOS Buffer Overflow (SA0132)

On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic. Note that Nessus has...

5.3CVSS5.5AI score0.00167EPSS
Exploits0References2
Rows per page
Query Builder