Lucene search
K

616 matches found

RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-53877

A flaw was found in Django. Instantiating django.contrib.gis.gdal.GDALRaster with a bytes object representing a raster file can trigger a heap buffer over-read in the vsibuffer property, reading roughly 32 bytes past the end of the allocated buffer. An attacker who can supply crafted raster data...

6.3CVSS6.1AI score0.00291EPSS
Exploits0References3
Snyk
Snyk
added last week5 views

Buffer Access with Incorrect Length Value

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Buffer Access with Incorrect Length Value in the GDALRaster process when constructed from a bytes object. An attacker can access...

6.3CVSS6AI score0.00291EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week7 views

CVE-2026-53877

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS6AI score0.00291EPSS
Exploits0
EUVD
EUVD
added last week8 views

EUVD-2026-42044

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS6AI score0.00291EPSS
Exploits0References3
CVE
CVE
added last week14 views

CVE-2026-53877

This CVE affects Django’s GIS GDALRaster: in Django 6.0 prior to 6.0.7 and 5.2 prior to 5.2.16, constructing GDALRaster from a bytes object causes an in-memory buffer over-read, potentially disclosing adjacent memory or triggering a segmentation fault when the vsi_buffer property is accessed. Ear...

6.3CVSS6AI score0.00291EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added last week34 views

CVE-2026-53877 Heap buffer over-read in GDALRaster

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS0.00291EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.11 views

PT-2026-56196

Name of the Vulnerable Software and Affected Versions Django versions 6.0 through 6.0.6 Django versions 5.2 through 5.2.15 Description An issue exists where django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object. This can lead to the disclosure of...

7.5CVSS6.2AI score0.62575EPSS
Exploits0References80
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed fr...

6.3CVSS7AI score0.00291EPSS
Exploits0References3
Wolfi
Wolfi
added 2026/06/08 7:48 p.m.12 views

GHSA-J3F5-RW74-G4RV vulnerabilities

Vulnerabilities for packages: gdal...

5.4AI score
Exploits0
Wolfi
Wolfi
added 2026/06/08 7:48 p.m.13 views

GHSA-R5M4-5VWW-W9F5 vulnerabilities

Vulnerabilities for packages: gdal...

5.4AI score
Exploits0
Wolfi
Wolfi
added 2026/06/08 7:48 p.m.11 views

GHSA-H9RH-5FFH-H669 vulnerabilities

Vulnerabilities for packages: gdal...

5.4AI score
Exploits0
Wolfi
Wolfi
added 2026/06/08 7:48 p.m.14 views

CVE-2026-8088 vulnerabilities

Vulnerabilities for packages: gdal...

5.5CVSS5.4AI score0.00246EPSS
Exploits1
Wolfi
Wolfi
added 2026/06/08 7:48 p.m.12 views

CVE-2026-8212 vulnerabilities

Vulnerabilities for packages: gdal...

5.5CVSS5.4AI score0.00205EPSS
Exploits1
Wolfi
Wolfi
added 2026/06/08 7:48 p.m.15 views

CVE-2026-8087 vulnerabilities

Vulnerabilities for packages: gdal...

7.8CVSS5.4AI score0.00223EPSS
Exploits1
Chainguard
Chainguard
added 2026/06/08 7:18 p.m.14 views

GHSA-R5M4-5VWW-W9F5 vulnerabilities

Vulnerabilities for packages: gdal...

5.4AI score
Exploits0
Chainguard
Chainguard
added 2026/06/08 7:18 p.m.13 views

GHSA-H9RH-5FFH-H669 vulnerabilities

Vulnerabilities for packages: gdal...

5.4AI score
Exploits0
Chainguard
Chainguard
added 2026/06/08 7:18 p.m.12 views

CVE-2026-8088 vulnerabilities

Vulnerabilities for packages: gdal...

5.5CVSS5.2AI score0.00246EPSS
Exploits1
Chainguard
Chainguard
added 2026/06/08 7:18 p.m.16 views

GHSA-J3F5-RW74-G4RV vulnerabilities

Vulnerabilities for packages: gdal...

5.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.12 views

CVE-2026-8086

A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly...

7.8CVSS6AI score0.00237EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.11 views

Ubuntu 14.04 LTS / 16.04 LTS : GDAL vulnerability (USN-8345-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8345-1 advisory. It was discovered that the vendored LibTIFF in GDAL incorrectly handled memory when parsing malformed TIFF image metadata. An attacker could possibly...

8.8CVSS6.7AI score0.00739EPSS
Exploits0References2
Rows per page
Query Builder