Lucene search
+L

7 matches found

osv
osv
added 2026/07/06 6:50 p.m.4 views

CVE-2026-55380 Pillow GdImageFile decompression bomb protection bypass

Pillow is a Python imaging library. Prior to 12.3.0, PIL/GdImageFile.py GdImageFile.open read image dimensions from the GD 2.x header and stored them in self.size without calling Image.decompressionbombcheck, allowing a crafted .gd file to trigger excessive C-heap allocation when loaded. This iss...

7.5CVSS6AI score0.00361EPSS
Exploits1References5
debiancve
debiancve
added 2025/08/28 9:54 p.m.4 views

CVE-2025-58058

xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...

5.3CVSS7.3AI score0.00385EPSS
Exploits0
nessus
nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-30780

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service CPU consumption from stuck connections because connectionreadheadermore in...

7.5CVSS7.2AI score0.56418EPSS
Exploits3References2
amazon
amazon
added 2024/01/09 12:0 a.m.7 views

Medium: libsndfile

Issue Overview: Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts. CVE-2022-33065 Affected Packages: libsndfile Note: This...

7.8CVSS7.3AI score0.00351EPSS
Exploits1
osv
osv
added 2019/04/01 11:34 a.m.3 views

USN-3928-1 dovecot vulnerability

It was discovered that Dovecot incorrectly handled reading certain headers from the index. A local attacker could possibly use this issue to escalate privileges...

8.8CVSS6.7AI score0.01178EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2019/03/06 12:0 a.m.5 views

The vulnerability of the archive_read_format_cab_read_header function in the libarchive library, which allows a hacker to cause a service failure.

The vulnerability of the archivereadformatcabreadheader function in the archivereadsupportformatcab.c library of the libarchive library is related to buffer overflow attacks. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using a specially created file...

5.5CVSS6.9AI score0.01605EPSS
Exploits0References3Affected Software2
redhat
redhat
added 2019/02/18 4:55 p.m.14 views

httpd: Out of bounds access after failure in reading the HTTP request

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode both log and build level...

5.9CVSS7.3AI score0.15564EPSS
Exploits0References5
Rows per page
Query Builder