Lucene search
K

66 matches found

NVD
NVD
added 6 days ago9 views

CVE-2026-57245

When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an...

7.8CVSS0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-57245

When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 6 days ago11 views

PT-2026-56336

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Opening a PDF allows JavaScript to modify form field properties, causing the state of the underlying objects referenced by the program to become invalid. This...

7.8CVSS6.1AI score0.00116EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:8 a.m.7 views

jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow

...

7.1CVSS5.8AI score0.00165EPSS
Exploits1
Cvelist
Cvelist
added 2026/06/25 5:17 p.m.38 views

CVE-2026-49839 jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow

jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...

7.1CVSS0.00165EPSS
Exploits1References1
CVE
CVE
added 2026/06/25 5:17 p.m.30 views

CVE-2026-49839

Summary: CVE-2026-49839 affects jq prior to 1.8.2, where in the --rawfile path an oversized string can trigger invalid-state reuse and heap-buffer-overflow writes. In detail, when jv_load_file(raw=1) reads attacker-controlled data, file chunks are appended to a single jv string accumulator; after...

7.1CVSS5.8AI score0.00165EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/06/25 7:40 a.m.12 views

BIT-PYTHON-MIN-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00433EPSS
Exploits0References10
NVD
NVD
added 2026/06/08 11:17 p.m.15 views

CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS0.00433EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47453

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description bz2.BZ2Decompressor objects can be reused following a decompression error. If an application catches the resulting OSError and attempts to retry using the same decompressor, specially crafted...

8.2CVSS5.4AI score0.00622EPSS
Exploits0References67
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the batman-adv module not rejecting new tpmeter sessions during network disconnection. This allow...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References5
NVD
NVD
added 2026/03/06 7:16 p.m.7 views

CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

6.2CVSS0.00173EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:8 p.m.5 views

CVE-2026-23102

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds...

5.5AI score0.00117EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/10/14 7:57 p.m.3 views

GHSA-HRHF-2VCR-GHCH CometBFT's invalid BitArray handling can lead to network halt

Name: ASA-2025-003: Invalid BitArray handling can lead to network halt Criticality: High Considerable Impact; Possible Likelihood per ACMv1.2 Affected versions: = v0.38.18, = v0.37.15, and main development branches Affected users: Validators, Full nodes, Users Description A bug was discovered in...

8.7CVSS7AI score
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-24911

Malware in sbrugna...

7.8CVSS7.6AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2019-7497

Malware in sbrugna...

6.5CVSS7.8AI score0.0134EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2025/05/22 4:39 p.m.8 views

CVE-2020-3640

u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and...

7.8CVSS7.2AI score0.00204EPSS
Exploits0
OSV
OSV
added 2025/05/01 3:16 p.m.6 views

DEBIAN-CVE-2022-49820

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...

5.5CVSS5.4AI score0.0014EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/02/26 2:24 a.m.19 views

CVE-2022-49709

In the Linux kernel, the following vulnerability has been resolved: cfi: Fix cfislowpathdiag RCU usage with cpuidle RCUNONIDLE usage during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path: WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcueqsenter+0xe4/0x138 ... Call...

5.5CVSS5.4AI score0.00243EPSS
Exploits0
NVD
NVD
added 2025/02/20 12:15 a.m.5 views

CVE-2024-6697

The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state. CWE-280 Hitachi Vantara Pentaho Business...

6.5CVSS0.00303EPSS
Exploits0References1
OSV
OSV
added 2024/12/04 3:15 p.m.6 views

UBUNTU-CVE-2024-53133

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash Why In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dcstatecopyinternal would...

7.8CVSS6.6AI score0.00201EPSS
Exploits0References17
Rows per page
Query Builder