Lucene search
+L

15 matches found

OSV
OSV
added 2026/06/17 8:37 a.m.4 views

OPENSUSE-SU-2026:20976-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.9AI score0.00939EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/16 9:32 p.m.16 views

EUVD-2026-37191

In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

4.3CVSS5.6AI score0.00169EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:51 p.m.20 views

CVE-2026-0157

Summary of findings (CVE-2026-0157): The available documents consistently describe an out-of-bounds read in RtcpHeader::decodeRtcpHeader, caused by a missing bounds check. This leads to remote information disclosure without requiring user interaction; exploitation can occur over the network. The ...

4.3CVSS5.7AI score0.00169EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/09 7:6 p.m.7 views

SUSE-SU-2026:2327-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.7AI score0.00939EPSS
Exploits0References8
NVD
NVD
added 2026/04/06 7:16 p.m.29 views

CVE-2026-0049

In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2CVSS0.00101EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-5124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of th...

6.3CVSS5AI score0.00287EPSS
Exploits0References3
CVE
CVE
added 2026/03/30 4:15 p.m.25 views

CVE-2026-5124

The CVE-2026-5124 entry concerns osrg GoBGP up to 4.3.0. Affected is BGPHeader.DecodeFromBytes in pkg/packet/bgp/bgp.go (BGP Header Handler). The issue is improper access controls with remote exploitation possible, reported as high complexity and low ease of exploitation. A patch is identified by...

6.3CVSS5.2AI score0.00287EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/03/18 9:16 p.m.7 views

CVE-2026-31973

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

7.5CVSS0.00523EPSS
Exploits0References3
CVE
CVE
added 2026/03/18 8:34 p.m.20 views

CVE-2026-31973

SAMtools includes a NULL pointer dereference in the cram-size path of CRAM header handling: if cram_decode_compression_header() returns an error, a NULL pointer dereference may occur, crashing the program. This affects 1.17+ before fixes. The available connected advisories confirm fixes in versio...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/18 8:34 p.m.4 views

CVE-2026-31973 NULL pointer dereference in samtools cram-size

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

6.9CVSS5.8AI score0.00523EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/10/06 8:9 a.m.6 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS5.9AI score0.00171EPSS
Exploits0
PyPA
PyPA
added 2016/12/23 10:59 p.m.5 views

PYSEC-2016-39

An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...

7.8CVSS6.8AI score0.03675EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2016/12/23 10:59 p.m.2 views

UBUNTU-CVE-2016-9037

An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...

7.5CVSS7.1AI score0.03675EPSS
Exploits2References4
OSV
OSV
added 2016/12/23 10:59 p.m.3 views

PYSEC-2016-39

An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...

7.5CVSS5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2016/10/26 12:0 a.m.6 views

PT-2016-7630 · Tarantool · Tarantool

Name of the Vulnerable Software and Affected Versions: Tarantool version 1.7.2.0-g8e92715 Description: The issue is related to an out-of-bounds array access in the xrow header decode function. A specially crafted packet can cause the function to access an element outside the bounds of a global...

7.8CVSS7.2AI score0.03675EPSS
Exploits2References10
Rows per page
Query Builder