Lucene search
K

606 matches found

EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-43562

Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to exploit this vulnerability. The specific flaw exists...

7.5CVSS7AI score
Exploits0References2
NVD
NVD
added 2026/07/02 4:17 a.m.9 views

CVE-2026-57267

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS0.0022EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:18 a.m.18 views

CVE-2026-57264

GeoWebPlayer’s Websocket Server (used by GV-VMS/GV-Cloud) exposes a command interface where many commands accept an index that is not consistently validated. The Talos and CVE records describe multiple CVEs (e.g., CVE-2026-57264) across several commands (connectInfo, setStream, setPIP, audio, sna...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:17 a.m.9 views

EUVD-2026-41243

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 5:30 a.m.20 views

CVE-2026-14193

The vulnerability CVE-2026-14193 affects the DVP80ES300T device and is described as an Improper Validation of Array Index vulnerability. In the provided data, the CVSS v3.1 base score is 7.5 ( HIGH ), with Network attack vector, no privileges required, no user interaction, and availability impact...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53205

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1CVSS0.00131EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Automated Logic WebCTRL Improper Validation of Array Index (CVE-2025-0657)

CWE-129 Improper Validation of Array Index vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. Software uses an array index that has not been properly validated to ensure it falls within valid array bounds. This can result in out-of-bounds access,...

8.8CVSS5.7AI score0.00291EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 4:36 p.m.7 views

GHSA-5PRR-V3J2-97MH Nokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]`

Summary Nokogiri::XML::NodeSet and its alias slice checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then be used at full width, reading outside the node set's storage. On CRuby this is an...

6.3CVSS5.9AI score0.00331EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/11 11:46 a.m.6 views

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

8.8CVSS5.5AI score0.00244EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.12 views

CVE-2026-24181

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.14 views

EUVD-2026-35498

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 5:17 p.m.13 views

CVE-2026-24181

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS0.00139EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 4:11 p.m.31 views

CVE-2026-24181

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS0.00139EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 4:11 p.m.12 views

CVE-2026-24181

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 4:11 p.m.41 views

CVE-2026-24181

CVE-2026-24181 affects NVIDIA DALI. The issue is due to improper index validation in a component, enabling a local attacker with low privileges and user interaction to potentially cause code execution, data tampering, DoS, or information disclosure. NVIDIA’s security bulletin confirms the vulnera...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47826

NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS5.5AI score0.00139EPSS
Exploits0References3
Nvidia
Nvidia
added 2026/06/09 12:0 a.m.15 views

Security Bulletin: NVIDIA DALI - June 2026

NVIDIA has released a software update for NVIDIA® DALI. To protect your system, clone or update this software to DALI v2.1 or later from NVIDIA/DALI on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...

7.3CVSS5.9AI score0.00154EPSS
Exploits0Affected Software1
Ubuntu
Ubuntu
added 2026/06/08 4:41 p.m.20 views

USN-8349-2: rsync regression

USN-8349-1 fixed vulnerabilities in rsync. The update introduced multiple regressions in rsync functionality. This update fixes the problem. Original advisory details: Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : rsync vulnerabilities (USN-8349-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8349-1 advisory. Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote...

8.1CVSS6AI score0.0078EPSS
Exploits1References9
OSV
OSV
added 2026/06/01 9:20 a.m.14 views

USN-8349-1 rsync vulnerabilities

Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with read access to an rsync server could possibly use this issue to cause a denial of service. CVE-2025-10158 Batuhan Sancak, Damien Neil, and Michael Stapelberg discovere...

8.1CVSS5.9AI score0.0078EPSS
Exploits1References9
Rows per page
Query Builder