Lucene search
K

2051 matches found

EUVD
EUVD
added yesterday3 views

EUVD-2026-41601

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS6.2AI score
Exploits0References8
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-13573 llvm llvm-project ValueSymbolTable ValueSymbolTable.cpp insert stack-based overflow

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...

4.8CVSS0.00124EPSS
Exploits0References7
CVE
CVE
added 5 days ago9 views

CVE-2026-13573

CVE-2026-13573 affects the LLVM project (up to 22.1.6), specifically the ValueSymbolTable module’s file lib/IR/ValueSymbolTable.cpp and its function StringMap::insert. The issue is a stack-based buffer overflow introduced in that function, enabling a local attacker to exploit it. The exploit has ...

4.8CVSS5.9AI score0.00124EPSS
Exploits0References7
NVD
NVD
added 6 days ago10 views

CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS0.00091EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/26 8:49 a.m.6 views

CVE-2026-53193

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA timer component. This vulnerability occurs when a timer object is freed while timer instances are still associated with it, particularly when userspace-driven timers are involved. A local user can exploit this by...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Uncontrolled Recursion (CVE-2025-8732)

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

4.8CVSS5AI score0.00143EPSS
Exploits1References3
CVE
CVE
added 2026/06/17 7:2 a.m.13 views

CVE-2026-28575

CVE-2026-28575 affects the Android framework in PackageInstaller.Session.transfer (frameworks/base/services/core/java/com/android/server/pm/PackageInstallerSession.java). The issue is described as a logic error causing memory exhaustion that can lead to a local denial of service without requiring...

10CVSS5.6AI score0.00125EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/16 9:32 p.m.11 views

EUVD-2026-37216

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.22 views

CVE-2026-0137

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

0.00073EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 6:51 p.m.23 views

CVE-2026-0133

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00067EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/14 10:45 p.m.8 views

CVE-2026-12190 Genspark AI Workspace App ai.mainfunc.genspark improper authorization in handler for custom url scheme

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment...

5.3CVSS5.3AI score0.00105EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/08 2:0 a.m.6 views

CVE-2026-11478

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local...

4.8CVSS4.9AI score0.00113EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

EulerOS Virtualization 2.13.0 : gdb (EulerOS-SA-2026-2164)

According to the versions of the gdb packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the componen...

7.8CVSS5.5AI score0.00667EPSS
Exploits6References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.8 views

CVE-2026-0070

In multiple functions of DevicePolicyManagerService.java, there is a possible way to hide a system critical package due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.7AI score0.00071EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.9 views

CVE-2026-0072

In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.6AI score0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:45 a.m.27 views

CVE-2026-10803

MLflow up to 3.10.0 contains a flaw in mlflow.data.digest_utils (Digest Computation) where manipulation leads to use of a weak hash. This affects the Digest Utils function in the Dataset Digest Computation component and enables a local attack. The reported exploitability is high in complexity wit...

3.6CVSS5.1AI score0.00103EPSS
Exploits1References7Affected Software1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

FastDeploy 安全漏洞

FastDeploy is an open-source tool developed by PaddlePaddle for deploying large language model and visual model inferences. Versions of FastDeploy 2.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the weak hashing used in the hashfeatures function of the...

3.6CVSS5AI score0.00075EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:45 a.m.6 views

CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

4.8CVSS5.4AI score0.00179EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2026/06/03 10:45 a.m.39 views

CVE-2026-10722

CVE-2026-10722 affects cilium/ebpf up to 0.21.0, impacting the LoadCollectionSpec/LoadCollectionSpecFromReader path via the loadRawSpec function in btf/btf.go. The vulnerability is an integer overflow caused by crafted input; exploitation is local. Public disclosure is noted, and the patch name i...

5.5CVSS5.4AI score0.00179EPSS
Exploits1References9Affected Software1
EUVD
EUVD
added 2026/06/02 12:31 a.m.14 views

EUVD-2026-33785

In updateState of GraphicsDriverEnableAngleAsSystemDriverController.java, there is a possible persistent dos issue due to an unusual root cause. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00071EPSS
Exploits0References2
Rows per page
Query Builder