4733 matches found
CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdbdeltaevent.c. The SQL query construction logic...
Wazuh 数字错误漏洞
Wazuh is an open-source application developed by Wazuh. It is used for collecting, summarizing, indexing, and analyzing security data, helping organizations detect intrusions, threats, and abnormal behaviors. Versions of Wazuh from 4.4.0 to 4.14.3 contained a numerical error vulnerability. This...
EUVD-2026-12127
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2026-3084
A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The issue stems from an integer underflow during the parsing of H.266 video codec picture partitions, caused by insufficient validation of user-supplied data...
CVE-2026-3084
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2026-3084
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2026-32775
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...
UBUNTU-CVE-2026-32775
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...
UBUNTU-CVE-2026-3084
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2026-32775
A flaw was found in libexif. When decoding MakerNotes, an integer underflow can occur in the exifmnotedatagetvalue function if a zero size is passed. This can lead to a buffer overwrite, potentially allowing an attacker to achieve arbitrary code execution, disclose sensitive information, or cause...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the exifmnotedatagetvalue function when a size of 0 is passed as an argument during decoding MakerNotes. An attacker can cause the in-buffer to be overwritten and potentially execute arbitrary cod...
CVE-2026-32775
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...
CVE-2026-32775
libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...
(Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the implementatio...
Libexif 数字错误漏洞
Libexif is a function library written in C language by the Libexif organization. This product is primarily used for reading and writing EXIF meta-data from graphic files. Versions of libexif prior to 0.6.25 contained a numerical error vulnerability. This vulnerability stemmed from a flaw in...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the H.266 video bitstream parser in gst-plugins-bad. An attacker can execute arbitrary code by tricking a user into opening a specially crafted H.266 media file. Remediation Upgrade gstreamer to...
CVE-2026-3084
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2026-3084 GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2026-3084
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
CVE-2026-3084 GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...