Lucene search
K

54409 matches found

CVE
CVE
added 2026/03/02 7:40 p.m.24 views

CVE-2026-27631

CVE-2026-27631 affects the Exiv2 library/editor. The vulnerability resides in the preview component and is triggered when Exiv2 is run with an extra command line argument (e.g., -pp). An integer overflow can cause code to attempt to create a huge std::vector, leading to a crash via an uncaught ex...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/02 7:40 p.m.4 views

CVE-2026-27631 Exiv2: Uncaught exception - cannot create std::vector larger than max_size()

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/03/02 7:40 p.m.4 views

CVE-2026-27631

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS5.8AI score0.00255EPSS
Exploits0References4
NVD
NVD
added 2026/03/02 7:16 p.m.7 views

CVE-2026-0028

In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS0.00152EPSS
Exploits0References4
NVD
NVD
added 2026/03/02 7:16 p.m.11 views

CVE-2026-0031

In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS0.00152EPSS
Exploits0References4
OSV
OSV
added 2026/03/02 7:16 p.m.8 views

AZL-79382 CVE-2026-0031 affecting package hyperv-daemons 6.6.126.1-1

In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6AI score0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/02 6:42 p.m.2 views

CVE-2026-0031

In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00152EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/02 6:42 p.m.4 views

CVE-2026-0031

In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.1AI score0.00152EPSS
Exploits0References4
CVE
CVE
added 2026/03/02 6:42 p.m.24 views

CVE-2026-0031

CVE-2026-0031 affects Google Android’s kernel code (mem_protect.c) with an out-of-bounds write caused by an integer overflow. This vulnerability allows local privilege escalation without user interaction. Public references indicate Android kernel fixes/updates were released (and related advisorie...

8.4CVSS6.1AI score0.00152EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/02 6:42 p.m.30 views

CVE-2026-0031

In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00152EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/02 6:42 p.m.3 views

CVE-2026-0028

In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.1AI score0.00152EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/02 6:42 p.m.3 views

CVE-2026-0028

In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00152EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/02 6:42 p.m.7 views

EUVD-2026-9242

In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00152EPSS
Exploits0References4
CVE
CVE
added 2026/03/02 6:42 p.m.17 views

CVE-2026-0028

CVE-2026-0028 affects the Linux kernel code path __pkvm_host_share_guest in mem_protect.c, where an integer overflow can cause an out-of-bounds write. This leads to local privilege escalation without user interaction. The existing references in the connected documents (Android kernel changes and ...

8.4CVSS6.1AI score0.00152EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/02 6:42 p.m.29 views

CVE-2026-0028

In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00152EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/02 6:30 p.m.1 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the CompositeDeepScanLine::readPixels function. An attacker can cause memory corruption or potentially execute arbitrary code by providing a specially crafted multipart deep EXR file with large sample...

8.4CVSS6.1AI score0.00201EPSS
Exploits2References2
OSV
OSV
added 2026/03/02 6:30 p.m.4 views

GHSA-CR4V-6JM6-4963 OpenEXR's CompositeDeepScanLine integer-overflow leads to heap OOB write

Summary Function: CompositeDeepScanLine::readPixels, reachable from high-level multipart deep read flows MultiPartInputFile + DeepScanLineInputPart + CompositeDeepScanLine. Vulnerable lines src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp: - totalsizesptr += countsjptr; line 511 - overallsamplecount ...

8.4CVSS6.2AI score0.00201EPSS
Exploits2References3
Github Security Blog
Github Security Blog
added 2026/03/02 6:30 p.m.5 views

OpenEXR's CompositeDeepScanLine integer-overflow leads to heap OOB write

Summary Function: CompositeDeepScanLine::readPixels, reachable from high-level multipart deep read flows MultiPartInputFile + DeepScanLineInputPart + CompositeDeepScanLine. Vulnerable lines src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp: - totalsizesptr += countsjptr; line 511 - overallsamplecount ...

8.4CVSS6.2AI score0.00201EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2026/03/02 5:16 p.m.8 views

AZL-78518 CVE-2026-23865 affecting package freetype 2.13.2-1

An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

5.3CVSS5.8AI score0.00141EPSS
Exploits0References1
OSV
OSV
added 2026/03/02 5:16 p.m.5 views

AZL-78701 CVE-2026-23865 affecting package freetype 2.13.1-1

An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

5.3CVSS5.8AI score0.00141EPSS
Exploits0References1
Rows per page
Query Builder