Lucene search
+L

17783 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in GIMP

A flaw was discovered in GIMP. A heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read...

6.5CVSS7.2AI score0.00485EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodechoice In decodechoice, the boundary check before getlen uses the variable len, which remains 0 after initialization at the beginning of the function: unsigned int type, ext, len ...

8.2CVSS6AI score0.00463EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in binutils

A flaw was discovered in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code...

7.8CVSS6.3AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in PDFium in Google Chrome prior to version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted PDF file. Chromium security severity: High...

8.8CVSS7.9AI score0.00336EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a underflow of the sizet variable in the IMA-ADPCM and MS-ADPCM audio decoders led to a heap-buffer-overflow issue through the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM...

9.8CVSS6AI score0.00317EPSS
Exploits1References3
OSV
OSV
added 2026/06/24 5:41 a.m.7 views

MGASA-2026-0229 Updated podofo packages fix security vulnerabilities

Podofo v0.9.8 shares some of the vulnerable code that was discovered in Podofo v0.10.0. This package fixes that. CVE-2023-31567 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. CVE-2023-31568 Podofo v0.10.0 was discovered ...

8.8CVSS7.3AI score0.00749EPSS
Exploits2References6
OSV
OSV
added 2026/06/22 2:37 p.m.2 views

OPENSUSE-SU-2026:21011-1 Security update for 389-ds

This update for 389-ds fixes the following issue - CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changes for 389-ds: - Update to version 3.0.6git337.647f49042: Issue 7541 -...

7.5CVSS5.7AI score0.00815EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 12:23 p.m.2 views

SUSE-SU-2026:22315-1 Security update for openssl-3

This update for openssl-3 fixes the following issues - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group bsc1259652. - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based...

9.1CVSS7.1AI score0.02719EPSS
Exploits0References31
RedhatCVE
RedhatCVE
added 2026/06/22 4:41 a.m.12 views

CVE-2026-12030

The following flaw was identified in the Chromium browser: Heap buffer overflow GPU. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518007423...

8.3CVSS6.1AI score0.00191EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:56 a.m.6 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:12 a.m.7 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:12 a.m.10 views

Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 2:41 a.m.13 views

Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

RHEL 8 : poppler (RHSA-2026:27724)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27724 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppl...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3356 (ALAS-2026-3356)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3356 advisory. FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to...

9.8CVSS7.4AI score0.03453EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.26 views

Amazon Linux 2023 : jq, jq-devel (ALAS2023-2026-1860)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1860 advisory. jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow CVE-2026-49839 Tenable has extracted the preceding description block directly from the tested product security advisor...

7.1CVSS6AI score0.00165EPSS
Exploits1References4
OSV
OSV
added 2026/06/21 8:16 p.m.5 views

DEBIAN-CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References1
OSV
OSV
added 2026/06/20 7:7 a.m.3 views

OPENSUSE-SU-2026:21114-1 Security update for mozjs128

This update for mozjs128 fixes the following issue - CVE-2025-70103: libjxl: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks bsc1266463...

7.3CVSS6AI score0.00367EPSS
Exploits0References2
OSV
OSV
added 2026/06/20 6:56 a.m.2 views

SUSE-SU-2026:22208-1 Security update for libyang

This update for libyang fixes the following issues - CVE-2026-41401: use-after-free in lydparsersetdataflags when processing crafted YANG XML documents with specific metadata attributes bsc1266316. - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflo...

7.5CVSS6.1AI score0.00519EPSS
Exploits0References5
OSV
OSV
added 2026/06/19 9:17 p.m.12 views

DEBIAN-CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...

7.1CVSS5.9AI score0.00227EPSS
Exploits1References1
Rows per page
Query Builder