Lucene search
K

549 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42955

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's seven in-house IInArchive handlers in NanaZip.Codecs unconditionally dereference the caller-supplied Indices array inside Extract when the archive engine signals extract everything by passin...

2.4CVSS6.1AI score0.00112EPSS
Exploits0References3
CVE
CVE
added 4 days ago7 views

CVE-2026-55783

NanaZip (a 7‑Zip derivative) is affected prior to version 6.5.1749.0. The in‑house IInArchive handlers in NanaZip.Codecs dereference the caller‑supplied Indices array during Extract when Indices is NULL and NumItems is 0xFFFFFFFF, in the code path for a full archive extraction (Test or Extract al...

2.4CVSS6.1AI score0.00112EPSS
Exploits0References3
NVD
NVD
added 5 days ago7 views

CVE-2026-57024

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS0.00417EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-57024

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS5.9AI score0.00417EPSS
Exploits0References2Affected Software1
NVD
NVD
added 6 days ago9 views

CVE-2026-59879

Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, Listset, ListsetSize, ListsetIn, ListupdateIn, and the functional set, setIn, and updateIn mishandle an index or size in the range 2 30 to 2 31 in setListBounds in src/List.js, causing an empty List to ente...

8.7CVSS0.0037EPSS
Exploits1References5
CVE
CVE
added 6 days ago21 views

CVE-2026-59879

Immutable.js List contains a 32-bit trie overflow in List.js setListBounds that, prior to versions 4.3.9 and 5.1.8, can mishandle an index or size in the 2^30–2^31 range, leading to an uncatchable infinite loop for empty Lists, unbounded allocation for populated Lists, or silent wrap of large set...

8.7CVSS6AI score0.0037EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1959 TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch

Impact If the parameter indices for DynamicStitch does not match the shape of the parameter data, it can trigger an stack OOB read. python import tensorflow as tf func = tf.rawops.DynamicStitch para='indices': 0xdeadbeef, 405, 519, 758, 1015, 'data': 110.27793884277344, 120.29475402832031,...

7.5CVSS6.7AI score0.00391EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 9:16 p.m.6 views

CVE-2026-21384

Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits...

5.3CVSS0.00056EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.7 views

CVE-2026-21384 Out-of-bounds Write in Camera Driver

Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits...

5.3CVSS6AI score0.00056EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.35 views

CVE-2026-21384 Out-of-bounds Write in Camera Driver

Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits...

5.3CVSS0.00056EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.11 views

CVE-2026-21384

Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits...

5.3CVSS6AI score0.00056EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 8:9 p.m.10 views

EUVD-2026-41931

Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits...

5.3CVSS6AI score0.00056EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 8:9 p.m.12 views

CVE-2026-21384

CVE-2026-21384 describes a memory corruption vulnerability in a camera driver where updating prepared commands with invalid port indices (driven by user-space input) can exceed read client limits, causing an out-of-bounds write. The issue is tied to a local attack vector with high complexity and ...

5.3CVSS6AI score0.00056EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.7 views

PT-2026-55993

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon affected versions not specified Description Memory corruption occurs when updating prepared commands using invalid port indices derived from user space input that exceed the supported read client limits. Recommendations At...

5.3CVSS6.1AI score0.00056EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:19 a.m.6 views

CVE-2026-57267

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40415

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the removevideo action of the playlist endpoint...

7.1CVSS5.9AI score0.00225EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize...

7.1CVSS6.2AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.8 views

SUSE CVE-2026-53205

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1CVSS5.9AI score0.00131EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:37 a.m.4 views

CVE-2026-53205

A flaw was found in the Linux kernel's Intel Versatile Processing Unit IVPU accelerator driver. This vulnerability occurs due to insufficient validation of read and write indices in the firmware log buffer. If the firmware provides invalid log indices, it could lead to out-of-bounds buffer access...

7.1CVSS5.9AI score0.00131EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53205

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1CVSS0.00131EPSS
Exploits0References4
Rows per page
Query Builder