Lucene search
K

853 matches found

Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.22 views

PT-2026-45276

Name of the Vulnerable Software and Affected Versions Assimp versions prior to 6.0.5 Description A use after free issue exists in the ASE File Parser component within the aiNode::aiNode function of the scene.cpp file. This flaw allows a local attacker to execute a manipulation that leads to the u...

5.3CVSS5.9AI score0.00115EPSS
Exploits0References26
Talos Blog
Talos Blog
added 2026/05/28 10:0 a.m.19 views

DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap

Over the last decade, DICOM parsing has become an active research topic. The reason is simple: DICOM is both critical and complicated. Hospitals rely on DICOM-based PACS systems, and those systems often automatically ingest files received over the network. That means malformed data could directly...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/10 2:20 p.m.9 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

7.1CVSS5.9AI score0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/05/09 12:32 p.m.6 views

OESA-2026-2227 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...

7.8CVSS5.9AI score0.00206EPSS
Exploits37References38
OSV
OSV
added 2026/05/07 4:31 a.m.8 views

CLSA-2026-1778128255 wireshark: Fix of 8 CVEs

CVE-2022-0585: fix large/infinite loops in multiple dissectors AMP, ATN-ULCS, BP, GDSDB, PMUL, WAP, ZigBee ZCL, OpenFlow v5/v6, IPDC, TDS, ASN.1 PER, FTUINTBYTES/STRING - CVE-2022-4344: fix Kafka dissector memory exhaustion via decompression/loop bounds - CVE-2023-0666: fix RTPS dissector...

6.5CVSS6.8AI score0.02374EPSS
Exploits7References1
Snyk
Snyk
added 2026/05/01 5:33 p.m.7 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the read process of the OBJ file parser when handling crafted OBJ files. An attacker can cause a denial of service or obtain sensitive information by persuading a victim to open a specially crafted OBJ file that...

7.1CVSS5.9AI score0.00104EPSS
Exploits0References2
OSV
OSV
added 2026/05/01 3:16 p.m.6 views

DEBIAN-CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

7.1CVSS5.9AI score0.00104EPSS
Exploits0References1
NVD
NVD
added 2026/05/01 3:16 p.m.6 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

7.1CVSS0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/05/01 12:16 a.m.6 views

DEBIAN-CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.0012EPSS
Exploits1References1
NVD
NVD
added 2026/05/01 12:16 a.m.7 views

CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS0.0012EPSS
Exploits1References2
OSV
OSV
added 2026/05/01 12:16 a.m.7 views

UBUNTU-CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.0012EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/05/01 12:16 a.m.6 views

CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.0012EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.29 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

0.00106EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/01 12:0 a.m.33 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.10 views

PT-2026-36475

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V8 0 0 rc5 exist in RWStl Reader::ReadAscii because buffers returned by Standard ReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

7.1CVSS5.8AI score0.00106EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.4 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

5.8AI score0.00106EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.12 views

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

5.5CVSS5.8AI score0.0012EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.9 views

Open Cascade OCCT 缓冲区错误漏洞

Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A buffer error vulnerability exists in Open Cascade OCCT version V800rc5, which stems from a heap-based out-of-bounds read issue in the RWObjReader::read function in the OBJ file parser, as...

7.1CVSS5.9AI score0.00104EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.4 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

7.1CVSS5.9AI score0.00104EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/01 12:0 a.m.7 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

7.1CVSS5.8AI score0.00106EPSS
Exploits0
Rows per page
Query Builder