Lucene search
K

576 matches found

CVE
CVE
added 2026/07/01 3:33 a.m.30 views

CVE-2026-7840

CVE-2026-7840 (UltraVNC repeater) : A global buffer overflow in the embedded HTTP administration server affects UltraVNC repeater versions up to 1.8.2.2. The functions wi_senderr() and wi_replyhdr() copy the caller-supplied HTTP request URI into a fixed 1000-byte buffer (hdrbuf) using unchecked s...

9.8CVSS6.6AI score0.01203EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 10:15 a.m.20 views

CVE-2026-41992

GNU gzip is affected by a global buffer overflow in the LZH decompression logic caused by reusing a shared global state across LZ77/LZW/LZH within a single run. The vulnerability arises from a global array not reinitialized between files, enabling an attacker to deplete or poison the shared state...

7.5CVSS6AI score0.00294EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/29 10:15 a.m.45 views

CVE-2026-41992 Global Buffer Overflow in GNU gzip

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and LZH decompression...

6.9CVSS0.00294EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/29 10:15 a.m.13 views

CVE-2026-41992

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and LZH decompression...

7.5CVSS6AI score0.00294EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/06/29 10:15 a.m.5 views

CVE-2026-41992

GNU gzip contains a global buffer overflow vulnerability in the LZH decompression logic caused by improper reuse of shared global state between different decompression formats within a single execution. GNU gzip maintains a global array that is shared across the LZ77, LZW, and LZH decompression...

7.5CVSS6AI score0.00294EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.15 views

Astra Linux – Vulnerability in SOX

A flaw was discovered in sox 14.4.1. The lsxadpcminit function within libsox causes a global-buffer-overflow. This flaw allows an attacker to introduce a malicious file, resulting in the disclosure of sensitive information...

9.1CVSS7.3AI score0.01489EPSS
Exploits0References2
OSV
OSV
added 2026/06/06 12:19 a.m.15 views

OSV-2026-863 Global-buffer-overflow in cram_decoder_init

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519841736 Crash type: Global-buffer-overflow READ 8 Crash state: cramdecoderinit cramdecodecompressionheader cramnextslice...

5.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/06 12:0 a.m.10 views

PT-2026-49602

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519841736 Crash type: Global-buffer-overflow READ 8 Crash state: cram decoder init cram decode compression header cram next slice...

5.2AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in fig2dev

Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...

5.5CVSS6.7AI score0.01044EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in aom

It was discovered that AOM v2.0.1 contains a global buffer overflow issue through the component av1/encoder/partitionsearch.h...

8.8CVSS8.2AI score0.01648EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.1, a global-buffer-overflow issue was observed during FreeRDP’s Base64 decoding process. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char values are treated...

9.1CVSS5.3AI score0.00599EPSS
Exploits1References2
OSV
OSV
added 2026/05/14 12:5 a.m.10 views

OSV-2026-727 Global-buffer-overflow in md_start_new_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512429152 Crash type: Global-buffer-overflow READ 4 Crash state: mdstartnewblock mdparse mdhtml...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/27 1:45 p.m.14 views

JLSEC-2026-204

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbgtypevalue at /output/outdbg.c...

7.8CVSS6.3AI score0.00357EPSS
Exploits1References2
SUSE Linux
SUSE Linux
added 2026/04/27 12:6 p.m.4 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

8.2CVSS5.7AI score0.00599EPSS
Exploits13References58
SUSE Linux
SUSE Linux
added 2026/04/27 12:6 p.m.4 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

8.2CVSS5.7AI score0.00599EPSS
Exploits13References58
OSV
OSV
added 2026/04/27 12:5 p.m.5 views

SUSE-SU-2026:1633-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

9.8CVSS5AI score0.00599EPSS
Exploits15References35
SUSE Linux
SUSE Linux
added 2026/04/27 12:4 p.m.6 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

8.2CVSS5.7AI score0.00599EPSS
Exploits13References58
OSV
OSV
added 2026/04/11 12:21 a.m.12 views

OSV-2026-561 Global-buffer-overflow in nameMatch

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=500975977 Crash type: Global-buffer-overflow READ 1 Crash state: nameMatch QStringConverter::QStringConverter KMime::HeaderParsing::parseEncodedWord...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/20 10:32 a.m.5 views

CLSA-2026-1774002757 Fix CVE(s): CVE-2026-25898

SECURITY UPDATE: global buffer overflow read in UIL and XPM encoders. - debian/patches/CVE-2026-25898.patch: clamp negative pixel index values to zero in WriteUILImage, WritePICONImage, and WriteXPMImage before using them as array subscripts into the Cixel table. - CVE-2026-25898...

9.1CVSS7.1AI score0.00348EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.9 views

RHEL 8 : freerdp (RHSA-2026:4433)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4433 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to R...

9.1CVSS6AI score0.00756EPSS
Exploits2References6
Rows per page
Query Builder