Lucene search
K

896 matches found

NVD
NVD
added yesterday5 views

CVE-2026-57157

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS
Exploits0References6
EUVD
EUVD
added yesterday5 views

EUVD-2026-43006

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score
Exploits0References6
CVE
CVE
added yesterday7 views

CVE-2026-57158

CVE-2026-57158 affects FreeRDP clients using the GFX pipeline (versions 3.21.0–3.27.x) where the fix for CVE-2026-23530 in planar_decompress_plane_rle_only was incomplete. A malicious RDP server could send a truncated RDPGFX_CMDID_WIRETOSURFACE_1 planar payload that reads one byte past the input ...

5.1CVSS6.1AI score
Exploits0References4
CVE
CVE
added 3 days ago7 views

CVE-2026-57257

CVE-2026-57257 impacts Foxit PDF Editor/Reader (PRC 3D BRep Renderer). During PRC parsing, there is a boundary-verification flaw for the PRC entity index, causing an out-of-bounds read of the entity array and resulting in a crash. CVSS: 6.1 (Local, Low attack complexity, User interaction required...

6.1CVSS5.9AI score0.00107EPSS
Exploits0References1Affected Software2
OSV
OSV
added 5 days ago3 views

OESA-2026-2845 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: Socket versions before 2.041 for Perl ha...

9.1CVSS5.9AI score0.00389EPSS
Exploits0References2
OSV
OSV
added 5 days ago4 views

OESA-2026-2843 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: Socket versions before 2.041 for Perl ha...

9.1CVSS5.9AI score0.00389EPSS
Exploits0References2
CVE
CVE
added 2026/07/03 12:56 p.m.17 views

CVE-2026-56015

CVE-2026-56015 affects Net::IP::LPM v1.10 and earlier for Perl, enabling a heap out-of-bounds read when adding prefixes with unbounded lengths. The bug arises in addPrefixToTrie() which walks the prefix buffer by prefix_length bits without verifying it against the address width (4 bytes IPv4, 16 ...

9.1CVSS6AI score0.00537EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/01 9:21 p.m.7 views

dnsmasq: RRSIG rdlen underflow leading to heap OOB read

A heap out-of-bounds read vulnerability was discovered in dnsmasq's DNSSEC validation. When processing RRSIG records, dnsmasq calculates the signature length by subtracting the fixed field size from the record's declared data length. A crafted RRSIG record with a data length smaller than the fixe...

7.5CVSS5.8AI score0.06226EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NA...

4.4CVSS6AI score0.00119EPSS
Exploits0References4
OSV
OSV
added 2026/06/28 9:26 a.m.2 views

SUSE-SU-2026:22382-1 Security update for giflib

This update for giflib fixes the following issue - CVE-2026-26740: heap out-of-bounds read when processing a specially crafted GIF file containing a GCE block with a truncated extension byte count bsc1259836...

8.2CVSS7.2AI score0.00618EPSS
Exploits1References3
NVD
NVD
added 2026/06/25 8:17 p.m.7 views

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

7.5CVSS0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/25 7:36 p.m.24 views

CVE-2026-12340 Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

6.3CVSS0.00226EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 7:36 p.m.6 views

CVE-2026-12340

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

6.3CVSS5.8AI score0.00226EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/25 7:36 p.m.5 views

EUVD-2026-39547

Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier computation reads the trailing 65 bytes of the public key without checking that the key is at least that long. A public key shorter than 65...

6.3CVSS5.8AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 7:36 p.m.16 views

CVE-2026-12340

The CVE-2026-12340 issue is a concrete out-of-bounds heap read during SM2/SM3 certificate verification. Specifically, when parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier is computed by reading the trailing 65 bytes of the public key without verifying the key length fi...

7.5CVSS5.8AI score0.00226EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.20 views

Astra Linux – Vulnerability in libssh

A flaw was discovered in libssh, where a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed ‘longname’ field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond the allocated memory on the heap. Thi...

3.1CVSS6.6AI score0.00442EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:37 a.m.36 views

CVE-2026-9539 libslirp TCP URG OOB Read Information Leak

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS0.00106EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/24 4:37 a.m.6 views

CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS5.9AI score0.00106EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 4:37 a.m.10 views

EUVD-2026-38654

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS5.9AI score0.00106EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 9:16 p.m.4 views

DEBIAN-CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00119EPSS
Exploits0References1
Rows per page
Query Builder