Lucene search
K

408 matches found

OSV
OSV
added 2026/03/25 4:22 p.m.5 views

USN-8123-1 mbedtls vulnerabilities

It was discovered that Mbed TLS incorrectly handled memory allocation failures. A remote attacker could possibly use this issue to crash the program. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-44732 Jonathan Winzig discovered that Mbed TLS incorrectly handled crafted...

9.8CVSS6.1AI score0.02569EPSS
Exploits4References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:56 a.m.7 views

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-9086 DESCRIPTION: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same...

9.8CVSS7.7AI score0.47621EPSS
Exploits10Affected Software1
OSV
OSV
added 2026/03/20 1:15 a.m.6 views

UBUNTU-CVE-2026-32829

lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...

8.2CVSS5.8AI score0.00608EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/20 12:49 a.m.5 views

EUVD-2026-13426

lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...

8.2CVSS5.7AI score0.00608EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/18 6:22 p.m.23 views

CVE-2026-31963 HTSlib CRAM reader has heap buffer overflow due to improper validation of input

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it...

8.8CVSS0.00348EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/12 8:52 a.m.3 views

SUSE CVE-2026-31870

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...

7.5CVSS5.6AI score0.00453EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/10 9:32 p.m.4 views

EUVD-2025-208533

In hypalloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00087EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2026/03/06 12:0 a.m.8 views

GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of video...

7.8CVSS6.2AI score0.00431EPSS
Exploits0References1
OSV
OSV
added 2026/03/05 10:17 p.m.7 views

USN-8078-1 zutty vulnerability

Carter Sande discovered that Zutty did not correctly echo invalid input to the console on DECRQSS. An attacker could possibly use this issue to execute arbitrary commands...

9.8CVSS5.9AI score0.01754EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2026/03/05 10:17 p.m.9 views

USN-8078-1: Zutty vulnerability

Carter Sande discovered that Zutty did not correctly echo invalid input to the console on DECRQSS. An attacker could possibly use this issue to execute arbitrary commands...

9.8CVSS6AI score0.01754EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/03/04 3:31 p.m.3 views

CVE-2025-59787 HTTP 5XX Internal Server Errors

2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input and potential security or availability impacts...

5.3CVSS5.9AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 3:31 p.m.11 views

CVE-2025-59787

2N Access Commander, affected through version 3.4.2 and earlier, returns HTTP 500 on malformed or manipulated input, indicating improper input validation in the web-facing interface. The description notes potential security or availability impact but does not detail exploitable vectors beyond the...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.8 views

2N Access Commander 安全漏洞

2N Access Commander is an access control solution provided by 2N Corporation. Versions of 2N Access Commander prior to 3.4.2 contained a security vulnerability. This vulnerability stemmed from the return of an HTTP 500 internal server error when processing malformed or manipulated requests. This...

6.5CVSS5.8AI score0.00191EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/23 12:0 a.m.6 views

FreeBSD : openexr -- buffer overflow in istream_nonparallel_read on invalid input data (716d25a6-0fdc-11f1-bfdf-ff9355aecb00)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 716d25a6-0fdc-11f1-bfdf-ff9355aecb00 advisory. Cary Phillips reports: openexr v3.4.5 ... fixes an incorrect size check in istreamnonparallelread that...

5.8AI score
Exploits0References3
FreeBSD
FreeBSD
added 2026/02/16 12:0 a.m.9 views

openexr -- buffer overflow in istream_nonparallel_read on invalid input data

Cary Phillips reports: openexr v3.4.5 ... fixes an incorrect size check in istreamnonparallelread that could lead to a buffer overflow on invalid input data...

5.9AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/13 12:0 a.m.5 views

CVE-2026-0966

A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...

8.2CVSS6.3AI score0.00582EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/10 6:47 p.m.3 views

Buffer Underwrite (Buffer Underflow)

Overview Affected versions of this package are vulnerable to Buffer Underwrite Buffer Underflow in the sshgethexa function on invalid input. An attacker can cause a buffer underflow and potentially execute arbitrary code or crash the application by supplying specially crafted input. Workaround Th...

8.2CVSS7AI score0.00582EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/03 9:19 p.m.3 views

CVE-2025-47399

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

7.8CVSS5.3AI score0.00092EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/02 3:20 p.m.3 views

CVE-2025-47399 Buffer Copy Without Checking Size of Input in Camera

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

7.8CVSS5.3AI score0.00092EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/02 3:20 p.m.3 views

CVE-2025-47399

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

7.8CVSS5.3AI score0.00092EPSS
Exploits0References2
Rows per page
Query Builder