
54409 matches found

OSV
added 2026/03/04 5:32 p.m. | 5 views

CLSA-2026-1772452097 ImageMagick: Fix of 9 CVEs

CVE-2026-25798: fix NULL pointer dereference in ClonePixelCacheRepository - CVE-2026-24481: fix heap information disclosure in PSD handler - CVE-2026-25799: fix division-by-zero in YUV sampling factor validation - CVE-2026-26284: fix out-of-bounds read in PCD Huffman decoder - CVE-2026-25897: fix...

9.8 CVSS | 6.8 AI score | 0.00429 EPSS
Exploits 0 | References 1
Snyk
added 2026/03/04 9:31 a.m. | 2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound when decoding malformed MQTT packets, due to improper validation of the Remaining Length. An attacker can cause the broker to misinterpret payloads as multiple MQTT control packets by sending malicious...

8.8 CVSS | 5.8 AI score | 0.0078 EPSS
Exploits 0 | References 2
Snyk
added 2026/03/04 9:31 a.m. | 1 view

Integer Overflow or Wraparound

Overview org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Integer Overflow or Wraparound when decoding malformed MQTT packets, due to improper validation of the Remaining Length. An attacker can cause the...

8.8 CVSS | 5.8 AI score | 0.0078 EPSS
Exploits 0 | References 2
Github Security Blog
added 2026/03/04 9:31 a.m. | 7 views

Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound

Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...

8.8 CVSS | 6 AI score | 0.0078 EPSS
Exploits 0 | References 6 | Affected Software 3
OSV
added 2026/03/04 9:31 a.m. | 6 views

GHSA-C825-6PH3-4H84 Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound

Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...

5.4 CVSS | 5.9 AI score | 0.0078 EPSS
Exploits 0 | References 6
NVD
added 2026/03/04 9:15 a.m. | 9 views

CVE-2025-66168

WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following for more details: https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt https://vulners.com/cve/CVE-2026-40046 Original Report: Apache ActiveMQ...

8.8 CVSS | 0.0078 EPSS
Exploits 0 | References 4
Microsoft CVE
added 2026/03/04 9:11 a.m. | 4 views

Bytes is vulnerable to integer overflow in BytesMut::reserve

...

7.5 CVSS | 5.8 AI score | 0.00559 EPSS
Exploits 1
Microsoft CVE
added 2026/03/04 9:9 a.m. | 4 views

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

...

5.3 CVSS | 5.8 AI score | 0.00141 EPSS
Exploits 0
Huntr
added 2026/03/04 8:6 a.m. | 10 views

Integer Overflow Bypasses Memory Safety Checks in H5 Dataset Loading

This report is not public...

5.8 AI score
Exploits 0
GithubExploit
added 2026/03/04 7:24 a.m. | 134 views

Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel

No d...

7.8 CVSS | 6.8 AI score | 0.01944 EPSS
Exploits 5
RedhatCVE
added 2026/03/04 1:57 a.m. | 5 views

CVE-2026-0028

In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4 CVSS | 6.2 AI score | 0.00152 EPSS
Exploits 0 | References 1
CNNVD
added 2026/03/04 12:0 a.m. | 6 views

Apache ActiveMQ Security Vulnerability

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. Versions of Apache ActiveMQ prior to 5.19.2, as well as versions 6.0.0 to 6.1.8 and 6.2.0, have security...

8.8 CVSS | 6.1 AI score | 0.0078 EPSS
Exploits 0 | References 5
Positive Technologies
added 2026/03/04 12:0 a.m. | 1 view

PT-2026-31651

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions 6.0.0 through 6.1.8, 6.2.0, and prior to 5.19.2 Description An integer overflow or wraparound issue exists in Apache ActiveMQ when decoding malformed packets. This occurs due to improper validation of the remaining...

8.8 CVSS | 5.8 AI score | 0.0078 EPSS
Exploits 0 | References 15
Tenable Nessus
added 2026/03/04 12:0 a.m. | 4 views

SUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2026:0646-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0646-1 advisory. - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. bsc1257144 - CVE-2026-25210: Fixe...

7.8 CVSS | 6.9 AI score | 0.00193 EPSS
Exploits 0 | References 7
Tenable Nessus
added 2026/03/04 12:0 a.m. | 6 views

FreeBSD : Mozilla -- Multiple vulnerabilities (15f4e0f6-1338-11f1-a55d-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 15f4e0f6-1338-11f1-a55d-b42e991fc52e advisory. CVE-2026-2809: Memory safety bug in the JavaScript: WebAssembly component. CVE-2026-2808:...

6.8 CVSS | 6 AI score | 0.00475 EPSS
Exploits 0 | References 3
OSV
added 2026/03/03 10:42 p.m. | 1 view

CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector total_sizes for attacker-controlled large counts across many parts,...

8.4 CVSS | 5.8 AI score | 0.00201 EPSS
Exploits 2 | References 3
Cvelist
added 2026/03/03 10:42 p.m. | 20 views

CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector total_sizes for attacker-controlled large counts across many parts,...

8.4 CVSS | 0.00201 EPSS
Exploits 2 | References 1
CVE
added 2026/03/03 10:42 p.m. | 34 views

CVE-2026-27622

OpenEXR vulnerability CVE-2026-27622 arises from an integer overflow in CompositeDeepScanLine::readPixels, where per-pixel totals are accumulated into total_sizes and wrapped modulo 2^32, causing derived overall_sample_count to mis-size samples and leading to a heap out-of-bounds write in core un...

8.4 CVSS | 5.9 AI score | 0.00201 EPSS
Exploits 2 | References 20 | Affected Software 1
Vulnrichment
added 2026/03/03 10:42 p.m. | 2 views

CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector total_sizes for attacker-controlled large counts across many parts,...

8.4 CVSS | 5.9 AI score | 0.00201 EPSS
Exploits 2 | References 1
OSV
added 2026/03/03 4:4 p.m. | 1 view

SUSE-SU-2026:20627-1 Security update for expat

This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...

7.8 CVSS | 6 AI score | 0.00193 EPSS
Exploits 0 | References 5