Lucene search
+L

21 matches found

osv
osv
added 2026/07/06 6:27 a.m.4 views

OESA-2026-2843 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: Socket versions before 2.041 for Perl ha...

9.1CVSS5.9AI score0.00389EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.12 views

PT-2026-51970

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read occurs during the copying of elements from a BPF MAP TYPE CGROUP STORAGE map to a per-CPU pcpu map when the value size is not aligned to 8 bytes. The pcpu init valu...

7.1CVSS5.7AI score0.00116EPSS
Exploits0References7
attackerkb
attackerkb
added 2026/05/20 9:18 a.m.11 views

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

10CVSS6.5AI score0.01272EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/05/04 7:16 a.m.18 views

UBUNTU-CVE-2026-43859

mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP authcram MD5 digest...

3.7CVSS5.8AI score0.00162EPSS
Exploits0References2
cve
cve
added 2026/05/01 12:0 a.m.14 views

CVE-2026-42483

CVE-2026-42483 describes a heap-based buffer overflow in the Kerberos hash parser of hashcat v7.1.2, affecting the module_hash_decode path in multiple Kerberos-related modules. The root cause is that account_info_len is calculated from untrusted delimiter positions without upper-bound validation,...

9.8CVSS6.4AI score0.00304EPSS
Exploits1References1Affected Software1
nessus
nessus
added 2026/01/15 12:0 a.m.10 views

Oracle Linux 10 : gnupg2 (ELSA-2026-0697)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0697 advisory. - Fix CVE-2025-68973 gpg.fail/memcpy Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

7.8CVSS5.9AI score0.00129EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/12/12 12:0 a.m.6 views

PT-2025-51033

Name of the Vulnerable Software and Affected Versions PCSX2 versions 2.5.377 and below Description PCSX2, a PlayStation 2 emulator, contains a flaw where an unchecked offset and size within memcpy operations in the CDVD SCMD 0x91 and SCMD 0x8F handlers can lead to an out-of-bounds read from...

5.3CVSS6.5AI score0.00301EPSS
Exploits0References11
github
github
added 2025/11/21 6:3 p.m.11 views

MLX has Wild Pointer Dereference in load_gguf()

Summary Segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. Environment: - OS: Ubuntu 20.04.6 LTS - Compiler: Clang 19.1.7 Vulnerability Location: mlx/io/gguf.cp...

7.5CVSS7.1AI score0.00336EPSS
Exploits1References4Affected Software1
redhat
redhat
added 2025/11/12 1:52 p.m.6 views

kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmfgetassocies Fix a slab-out-of-bounds read that occurs in kmemdup called from brcmfgetassocies. The bug could occur when associnfo-reqlen, data from a URB provided by a USB device, i...

7.1CVSS6.9AI score0.00152EPSS
Exploits0References5
nvd
nvd
added 2025/10/19 1:15 a.m.8 views

CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

5.3CVSS0.00527EPSS
Exploits0References3
debiancve
debiancve
added 2025/10/19 12:0 a.m.5 views

CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

5.3CVSS5.7AI score0.00527EPSS
Exploits0
nessus
nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987189 advisory. In the Linux kernel, the following vulnerability has been resolved: media: ngene: Fix out-of-bounds bug in ngenecommandconfigfreebuf Fix an 11-year old bug in...

7.1CVSS6AI score0.00234EPSS
Exploits0References4
nessus
nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2018-5684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Libav through 12.2, there is an invalid memcpy call in the ffmovreadstsdentries function of libavformat/mov.c. Remote attackers could leverage this...

8.8CVSS7.8AI score0.01213EPSS
Exploits1References2
nessus
nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-37746

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf/dwcpcie: fix duplicate pcidev devices During platformdeviceregister, wrongly using struct device pcidev as platformdata caused a kmemdup copy of pcidev...

5.5CVSS6.2AI score0.0013EPSS
Exploits0References3
osv
osv
added 2022/11/11 11:4 a.m.5 views

OESA-2022-2067 libtiff security update

This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...

7.1CVSS6.9AI score0.01542EPSS
Exploits4References5
redhat
redhat
added 2022/11/08 9:33 a.m.7 views

libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c

A buffer overflow vulnerability was found in libtiff. This flaw allows an attacker with network access to pass specially crafted files, causing an application to halt or crash. The root cause of this issue was from the memcpy function in tifunix.c...

5.5CVSS7.5AI score0.01336EPSS
Exploits1References4
redhat
redhat
added 2021/11/09 5:42 p.m.4 views

python-pillow: Negative-offset memcpy in TIFF image reader

A flaw was found in python-pillow. In TiffDecode.c, there is a negative-offset memcpy with an invalid size which could lead to a system crash...

7.5CVSS7.3AI score0.02372EPSS
Exploits0References4
cnnvd
cnnvd
added 2021/07/20 12:0 a.m.4 views

MAT File I/O Library 缓冲区错误漏洞

The MAT File I/O Library matio is an open source, C language library for reading and writing binary MATLAB MAT files. A buffer error vulnerability exists in matio a.k.a. MAT File I O Library 1.5.20 and 1.5.21, which stems from a heap-based buffer overflow in the H5MM memcpy called from the H5MM...

6.5CVSS6.7AI score0.01503EPSS
Exploits0References8
redhat
redhat
added 2020/08/12 11:45 a.m.9 views

kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

A flaw was found in the Linux kernel. The Marvell mwifiex driver allows a remote WiFi access point to trigger a heap-based memory buffer overflow due to an incorrect memcpy operation. The highest threat from this vulnerability is to data integrity and system availability...

7.1CVSS7.4AI score0.01218EPSS
Exploits0References4
osv
osv
added 2020/04/01 10:15 p.m.5 views

UBUNTU-CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

8.1CVSS7.6AI score0.05223EPSS
Exploits0References5
Rows per page
Query Builder