Lucene search
K

851 matches found

Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.12 views

PT-2026-21764

Name of the Vulnerable Software and Affected Versions exiftool versions prior to 13.50 Description An OS command injection issue exists in the PNG File Parser component of exiftool on macOS. The flaw is located in the SetMacOSTags function within the lib/Image/ExifTool/MacOS.pm file. A remote...

8.8CVSS7.4AI score0.03411EPSS
Exploits2References39
Positive Technologies
Positive Technologies
added 2026/02/23 12:0 a.m.7 views

PT-2026-24787

Name of the Vulnerable Software and Affected Versions strukturag libheif versions up to 1.21.2 Description A flaw exists in strukturag libheif that allows for an out-of-bounds read. The issue resides in the vvdec push data2 function within the libheif/plugins/decoder vvdec.cc file of the HEIF Fil...

4.8CVSS5.6AI score0.00117EPSS
Exploits0References68
RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.8 views

CVE-2026-2858

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

7.1CVSS5.1AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 10:16 p.m.12 views

CVE-2026-2858

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

7.1CVSS0.00124EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/20 9:32 p.m.5 views

CVE-2026-2858 wren-lang wren Source File wren_compiler.c peekChar out-of-bounds

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

4.8CVSS4.9AI score0.00124EPSS
Exploits0References6
Snyk
Snyk
added 2026/02/19 5:1 a.m.3 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error via the decodebase64 function in the Encrypted XLSX File Parser component. An attacker can cause a denial of service by executing a manipulation that triggers an off-by-one error. Remediation A fix was pushed into the...

5.5CVSS5.6AI score0.00209EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/19 4:2 a.m.34 views

CVE-2026-2703 xlnt-community xlnt Encrypted XLSX File base64.cpp decode_base64 off-by-one

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...

4.8CVSS0.00209EPSS
Exploits1References7
CVE
CVE
added 2026/02/19 4:2 a.m.15 views

CVE-2026-2703

CVE-2026-2703 affects the xlnt-community xlnt project up to version 1.6.1. The vulnerability resides in the function xlnt::detail::decode_base64 (source/detail/cryptography/base64.cpp) of the Encrypted XLSX File Parser and is caused by an off-by-one flaw introduced by manipulation. The issue requ...

5.5CVSS4.5AI score0.00209EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2026/02/18 7:16 a.m.6 views

CVE-2026-2644

A weakness has been identified in niklasso minisat up to 2.2.0. This issue affects the function Solver::value in the library core/SolverTypes.h of the component DIMACS File Parser. This manipulation of the argument variable index with the input 2147483648 causes out-of-bounds read. The attack nee...

7.8CVSS0.00221EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/02/18 7:2 a.m.5 views

CVE-2026-2644 niklasso minisat DIMACS File SolverTypes.h value out-of-bounds

A weakness has been identified in niklasso minisat up to 2.2.0. This issue affects the function Solver::value in the library core/SolverTypes.h of the component DIMACS File Parser. This manipulation of the argument variable index with the input 2147483648 causes out-of-bounds read. The attack nee...

4.8CVSS5.1AI score0.00221EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/02/18 7:2 a.m.32 views

CVE-2026-2644 niklasso minisat DIMACS File SolverTypes.h value out-of-bounds

A weakness has been identified in niklasso minisat up to 2.2.0. This issue affects the function Solver::value in the library core/SolverTypes.h of the component DIMACS File Parser. This manipulation of the argument variable index with the input 2147483648 causes out-of-bounds read. The attack nee...

4.8CVSS0.00221EPSS
Exploits1References6
OSV
OSV
added 2026/02/18 7:2 a.m.6 views

CVE-2026-2644 niklasso minisat DIMACS File SolverTypes.h value out-of-bounds

A weakness has been identified in niklasso minisat up to 2.2.0. This issue affects the function Solver::value in the library core/SolverTypes.h of the component DIMACS File Parser. This manipulation of the argument variable index with the input 2147483648 causes out-of-bounds read. The attack nee...

4.8CVSS5.3AI score0.00221EPSS
Exploits1References8
CVE
CVE
added 2026/02/18 7:2 a.m.31 views

CVE-2026-2644

CVE-2026-2644 affects niklasso minisat up to 2.2.0. The issue resides in Solver::value within core/SolverTypes.h of the DIMACS File Parser, where the argument index is manipulated with 2147483648, causing an out-of-bounds read. Attacks require local access; public exploits have been made availabl...

7.8CVSS5.1AI score0.00221EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.11 views

PT-2026-20356

A weakness has been identified in niklasso minisat up to 2.2.0. This issue affects the function Solver::value in the library core/SolverTypes.h of the component DIMACS File Parser. This manipulation of the argument variable index with the input 2147483648 causes out-of-bounds read. The attack nee...

4.8CVSS5.1AI score0.00221EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/02/09 7:2 p.m.31 views

CVE-2026-2245 CCExtractor MPEG-TS File ts_tables.c parse_PMT out-of-bounds

A vulnerability was identified in CCExtractor up to 183. This affects the function parsePAT/parsePMT in the library src/libccx/tstables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

4.8CVSS0.00127EPSS
Exploits0References9
OSV
OSV
added 2026/02/02 12:45 p.m.4 views

SUSE-SU-2026:20222-1 Security update for wireshark

This update for wireshark fixes the following issues: Update to Wireshark 4.4.13: - CVE-2025-11626: MONGO dissector infinite loop bsc1251933. - CVE-2025-13499: Kafka dissector crash bsc1254108. - CVE-2025-13945: HTTP3 dissector crash bsc1254471. - CVE-2025-13946: MEGACO dissector infinite loop...

7.8CVSS6.1AI score0.00206EPSS
Exploits5References17
OSV
OSV
added 2026/01/23 12:23 p.m.6 views

OESA-2026-1216 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

5.5CVSS4.3AI score0.00208EPSS
Exploits1References2
OSV
OSV
added 2026/01/23 12:23 p.m.15 views

OESA-2026-1215 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

5.5CVSS4.3AI score0.00208EPSS
Exploits1References2
OSV
OSV
added 2026/01/23 12:23 p.m.7 views

OESA-2026-1214 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...

5.5CVSS4.3AI score0.00208EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Wireshark 4.6.x < 4.6.3 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.6.3. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.6.3 advisory. - SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of...

7.8CVSS6.2AI score0.00206EPSS
Exploits5References25
Rows per page
Query Builder