Lucene search
+L

927 matches found

mscve
mscve
added 2 days ago10 views

Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack

...

8.4CVSS6.1AI score0.00196EPSS
Exploits0
redhat
redhat
added 2 days ago4 views

perl-XML-LibXML: XML::LibXML: Denial of Service via truncated UTF-8 in XML node names

A flaw was found in XML::LibXML for Perl. A remote attacker could exploit this vulnerability when processing specially crafted XML node names containing incomplete UTF-8 character sequences. This can lead to an out-of-bounds read in heap memory, potentially causing the application to crash and...

7.5CVSS6AI score0.00629EPSS
Exploits0References6
cvelist
cvelist
added 3 days ago40 views

CVE-2026-15720 Pre-auth heap out-of-bounds read in the AMF NAS 5GS mobile-identity handler

In Open5GS through version 2.7.7 a pre-authentication heap out-of-bounds read in the AMF NAS 5GS mobile-identity handler may result in subscriber-wide denial of service...

8.6CVSS0.00371EPSS
Exploits0References1
cve
cve
added 3 days ago8 views

CVE-2026-15720

Open5GS up to version 2.7.7 is affected by a pre-authentication heap out-of-bounds read in the AMF NAS 5GS mobile-identity handler, which may cause subscriber-wide denial of service. The CVE entry consolidates this as CVE-2026-15720. The connected sources (NVD/NVD CVE records) confirm the vulnera...

8.6CVSS6.1AI score0.00371EPSS
Exploits0References1
osv
osv
added 3 days ago2 views

SUSE-SU-2026:2954-1 Security update for krb5

This update for krb5 fixes the following issue - CVE-2026-11850: integer underflow in berval2tldata leads to heap out-of-bounds read bsc1268131...

5CVSS6AI score0.00261EPSS
Exploits0References3
osv
osv
added 3 days ago7 views

MGASA-2026-0251 Updated perl-Socket packages fix security vulnerability

Socket versions before 2.041 for Perl have an out-of-bounds heap read. CVE-2026-12087...

9.1CVSS6.1AI score0.00389EPSS
Exploits0References3
nessus
nessus
added 3 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-58102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension...

9.1CVSS6.2AI score0.00222EPSS
Exploits0References3
osv
osv
added 4 days ago5 views

DEBIAN-CVE-2026-58102

Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...

9.1CVSS6.2AI score0.00222EPSS
Exploits0References1
osv
osv
added 4 days ago2 views

SUSE-SU-2026:2931-1 Security update for libslirp

This update for libslirp fixes the following issues: - CVE-2026-9539: TCP URG out of bounds heap read information leak bsc1268903...

6.5CVSS6.1AI score0.00106EPSS
Exploits0References3
nvd
nvd
added 4 days ago16 views

CVE-2026-57432

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

8.4CVSS0.00196EPSS
Exploits0References3
cve
cve
added 4 days ago13 views

CVE-2026-57432

CVE-2026-57432 detail (supported by connected docs): Perl versions through 5.43.10 contain an integer overflow in the S_measure_struct function that sums item sizes (size × repeat) without overflow checks. A large repeat count in a pack or unpack template can wrap the signed SSize_t total negativ...

8.4CVSS6.2AI score0.00196EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 4 days ago39 views

CVE-2026-57432 Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

0.00196EPSS
Exploits0References2
osv
osv
added 4 days ago3 views

CVE-2026-57432 Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

8.4CVSS6.2AI score0.00196EPSS
Exploits0References7
osv
osv
added 4 days ago1 views

SUSE-SU-2026:2886-1 Security update for libslirp

This update for libslirp fixes the following issues: - CVE-2026-9539: TCP URG out of bounds heap read information leak bsc1268903...

6.5CVSS6.1AI score0.00106EPSS
Exploits0References3
redhatcve
redhatcve
added last week5 views

CVE-2026-57157

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled are vulnerable to an out-of-bounds heap read. A malicious RDP client can exploit this by manipulating the DeviceName a...

6.5CVSS6AI score0.00539EPSS
Exploits1References9
nvd
nvd
added last week6 views

CVE-2026-57157

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS0.00539EPSS
Exploits1References6
osv
osv
added last week3 views

CVE-2026-57157 Out-of-bounds read in the camera device enumerator server (rdpecam) via unterminated DeviceName / VirtualChannelName

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score0.00539EPSS
Exploits1References8
euvd
euvd
added last week7 views

EUVD-2026-43006

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0, FreeRDP server implementations with the MS-RDPECAM camera device enumerator channel enabled scan attacker-supplied DeviceName and VirtualChannelName fields for a NUL terminator in...

6.5CVSS6.1AI score0.00539EPSS
Exploits1References6
cve
cve
added last week14 views

CVE-2026-57158

FreeRDP (Remote Desktop Protocol client) is affected in versions 3.21.0 through 3.27.x where the GFX pipeline’s planar_decompress_plane_rle_only fix is incomplete, allowing a malicious RDP server to send a truncated RDPGFX_CMDID_WIRETOSURFACE_1 planar payload that may read one byte past the input...

9.1CVSS6.1AI score0.0069EPSS
Exploits1References4Affected Software1
osv
osv
added last week1 views

SUSE-SU-2026:2849-1 Security update for krb5

This update for krb5 fixes the following issue - CVE-2026-11850: integer underflow in berval2tldata leads to heap out-of-bounds read bsc1268131...

5CVSS6AI score0.00261EPSS
Exploits0References3
Rows per page
Query Builder