CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Tenable Nessus•added 2026/05/22 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: apr (UTSA-2026-016610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016610 advisory. When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be...

7.1CVSS6.7AI score0.0025EPSS

Exploits0References4

Microsoft CVE•added 2025/10/02 6:10 a.m.•4 views

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.

...

7.1CVSS7AI score0.0025EPSS

Exploits0

SUSE CVE•added 2023/02/15 4:41 a.m.•2 views

SUSE CVE-2017-12613

When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a different static heap value or...

3.4CVSS7AI score0.0025EPSS

Exploits0References7

Veracode•added 2018/04/27 2:25 a.m.•34 views

Out-of-Bounds Read

libapr-1.so is vulnerable to out-of-bounds read. A malicious user can pass a invalid month value to the aprtimeexp or the aprosexptime functions to cause an out-of-bounds read that can lead to sensitive information being disclosed or the application crashing...

7.1CVSS6.7AI score0.0025EPSS

Exploits0References27Affected Software1