Lucene search
K

56 matches found

RedHat Linux
RedHat Linux
added 2 days ago5 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

6.2AI score0.0017EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2 days ago4 views

EulerOS 2.0 SP10 : libssh2 (EulerOS-SA-2026-2700)

According to the versions of the libssh2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file...

9.1CVSS6.9AI score0.00466EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 11:45 a.m.4 views

PYSEC-2026-1961 TensorFlow vulnerable to segfault when opening multiframe gif

Impact Integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. python import urllib.request dat =...

6.5CVSS6.7AI score0.00305EPSS
Exploits0References6
OSV
OSV
added 2026/06/18 8:51 a.m.3 views

SUSE-SU-2026:2444-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When...

9.8CVSS6.3AI score0.00715EPSS
Exploits3References20
OSV
OSV
added 2026/05/08 2:39 p.m.8 views

JLSEC-2026-492

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

9.1CVSS5.8AI score0.00466EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/01 10:16 p.m.7 views

CVE-2026-7598

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

7.5CVSS6.9AI score0.00466EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/01 9:30 p.m.7 views

CVE-2026-7598

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

9.1CVSS7AI score0.00466EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/04/22 4:23 p.m.7 views

Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

9.2CVSS6AI score0.00746EPSS
Exploits7References28
CVE
CVE
added 2026/04/07 1:49 p.m.46 views

CVE-2026-24450

CVE-2026-24450 is a LibRaw vulnerability in uncompressed_fp_dng_load_raw caused by an integer overflow that can lead to a heap-based buffer overflow when processing a malicious DNG file. Exploitation would require a crafted file; multiple advisories (e.g., ALINUX3-SA-2026:0125, RHSA/RHSA family, ...

9.8CVSS6.2AI score0.00454EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/09 5:48 p.m.3 views

MGASA-2026-0052 Updated rootcerts, nss & firefox packages fix security vulnerabilities

Incorrect boundary conditions in the WebRTC: Audio/Video component. CVE-2026-2757 Use-after-free in the JavaScript: GC component. CVE-2026-2758 Incorrect boundary conditions in the Graphics: ImageLib component. CVE-2026-2759 Sandbox escape due to incorrect boundary conditions in the Graphics:...

10CVSS5.8AI score0.00604EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/02 6:42 p.m.6 views

EUVD-2026-9245

In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00152EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/12/22 4:30 p.m.1 views

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-14512: integer overflow in the GIO escapebytestring function when processing malicious files or remote filesystem attribute values can lead to denial-of-service bsc1254878. CVE-2025-14087: buffer underflow in the GVariant parser...

7.7CVSS8AI score0.00767EPSS
Exploits1References12
Debian
Debian
added 2025/11/25 7:57 p.m.13 views

[SECURITY] [DLA 4383-1] rails security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4383-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès November 25, 2025 https://wiki.debian.org/LTS -...

8.7CVSS8.8AI score0.01265EPSS
Exploits3
OSV
OSV
added 2025/10/16 4:15 p.m.35 views

CVE-2025-62496

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

8.8CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2025/09/22 4:15 a.m.3 views

ALPINE-CVE-2025-59800

In Artifex Ghostscript through 10.05.1, ocrbeginpage in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocrline8...

5.5CVSS7.4AI score0.00166EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/09/22 12:0 a.m.3 views

CVE-2025-59800

In Artifex Ghostscript through 10.05.1, ocrbeginpage in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocrline8...

5.5CVSS7.5AI score0.00166EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 10:12 a.m.4 views

SUSE-SU-2025:20594-1 Security update for libarchive

This update for libarchive fixes the following issues: - CVE-2025-5918: reading past EOF may be triggered for piped file streams bsc1244279 - CVE-2025-5917: off by one error in buildustarentryname at archivewritesetformatpax.c bsc1244336 - CVE-2025-5916: integer overflow while reading warc files ...

7.8CVSS6.9AI score0.00341EPSS
Exploits2References11
OSV
OSV
added 2025/08/14 4:48 a.m.4 views

USN-7694-1 libxml2 vulnerabilities

Ahmed Lekssays discovered that libxml2 did not properly perform certain mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-6021 Ahmed Lekssays discovere...

9.1CVSS7AI score0.01437EPSS
Exploits1References5
OSV
OSV
added 2025/04/16 3:16 p.m.3 views

UBUNTU-CVE-2025-22081

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a couple integer overflows on 32bit systems On 32bit systems the "off + sizeofstruct NTFSDE" addition can have an integer wrapping issue. Fix it by using sizeadd...

6CVSS6.2AI score0.00176EPSS
Exploits0References40
OSV
OSV
added 2025/04/08 4:15 a.m.6 views

UBUNTU-CVE-2025-3408

A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stbdupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with rolling releases is used by this product...

8.8CVSS5.5AI score0.00467EPSS
Exploits0References3
Rows per page
Query Builder