Lucene search
K

639 matches found

CVE
CVE
added 2026/07/01 3:33 a.m.57 views

CVE-2026-7840

CVE-2026-7840 (UltraVNC repeater) : A global buffer overflow in the embedded HTTP administration server affects UltraVNC repeater versions up to 1.8.2.2. The functions wi_senderr() and wi_replyhdr() copy the caller-supplied HTTP request URI into a fixed 1000-byte buffer (hdrbuf) using unchecked s...

9.8CVSS6.6AI score0.01439EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/29 10:15 a.m.29 views

CVE-2026-41992

GNU gzip is affected by a global buffer overflow in the LZH decompression logic caused by reusing a shared global state across LZ77/LZW/LZH within a single run. The vulnerability arises from a global array not reinitialized between files, enabling an attacker to deplete or poison the shared state...

7.5CVSS6AI score0.00294EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/29 10:15 a.m.54 views

CVE-2026-41992 Global Buffer Overflow in GNU gzip

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and LZH decompression...

6.9CVSS0.00294EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/29 10:15 a.m.16 views

CVE-2026-41992

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and LZH decompression...

7.5CVSS6AI score0.00294EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/29 10:15 a.m.6 views

CVE-2026-41992

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and LZH decompression...

7.5CVSS6AI score0.00294EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a global-buffer-overflow issue was observed during FreeRDP’s Base64 decoding process. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char values are treated...

9.1CVSS5.3AI score0.00599EPSS
Exploits1References3
OSV
OSV
added 2026/06/06 12:19 a.m.15 views

OSV-2026-863 Global-buffer-overflow in cram_decoder_init

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519841736 Crash type: Global-buffer-overflow READ 8 Crash state: cramdecoderinit cramdecodecompressionheader cramnextslice...

5.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.12 views

PT-2026-49602

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519841736 Crash type: Global-buffer-overflow READ 8 Crash state: cram decoder init cram decode compression header cram next slice...

5.2AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/02 10:29 p.m.12 views

php: global buffer over-read in mb_convert_encoding() with attacker-supplied encoding

A flaw was found in PHP. When an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, an out-of-bounds read of only 1 byte can occur due to the incorrect processing of string lengths. This issue can cause a denial of service or limited...

9.1CVSS5.7AI score0.00469EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.15 views

Astra Linux – Vulnerability in SOX

A flaw was discovered in sox 14.4.1. The lsxadpcminit function within libsox causes a global-buffer-overflow. This flaw allows an attacker to introduce a malicious file, resulting in the disclosure of sensitive information...

9.1CVSS7.3AI score0.01489EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in aom

It was discovered that AOM v2.0.1 contains a global buffer overflow issue through the component av1/encoder/partitionsearch.h...

8.8CVSS8.2AI score0.01648EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in fig2dev

Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...

5.5CVSS6.7AI score0.01078EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue with memory leaks in orangefskernel,clientdebuginit was fixed. When the orangefs module is inserted or removed, memory leaks occur as follows: unreferenced object 0xffff88816b0cc000 size 2048: comm "insmod", p...

5.5CVSS6AI score0.00146EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libxml2

The GNOME project’s libxml2 v2.9.10 has a global buffer over-read vulnerability in the xmlEncodeEntitiesInternal function within libxml2/entities.c. This issue has been fixed in the commit numbered 50f06b3e...

6.5CVSS7.2AI score0.03672EPSS
Exploits1References2
OSV
OSV
added 2026/05/14 12:5 a.m.10 views

OSV-2026-727 Global-buffer-overflow in md_start_new_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512429152 Crash type: Global-buffer-overflow READ 4 Crash state: mdstartnewblock mdparse mdhtml...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/12 8:56 a.m.7 views

BIT-PHP-MIN-2026-6104 Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

9.1CVSS5.9AI score0.00469EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/10 4:35 a.m.9 views

CVE-2026-6104 Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

6.3CVSS5.9AI score0.00469EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 1:12 p.m.6 views

JLSEC-2026-408

A denial of service vulnerability exists in curl v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm and siglongjmp. When doi...

5.9CVSS5.9AI score0.02658EPSS
Exploits1References18
OSV
OSV
added 2026/04/27 1:45 p.m.16 views

JLSEC-2026-204

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbgtypevalue at /output/outdbg.c...

7.8CVSS6.3AI score0.00357EPSS
Exploits1References2
SUSE Linux
SUSE Linux
added 2026/04/27 12:6 p.m.4 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

8.2CVSS5.7AI score0.00599EPSS
Exploits13References58
Rows per page
Query Builder