Lucene search
K

8869 matches found

RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-60103

A flaw was found in Blender. A remote attacker could exploit an out-of-bounds read vulnerability by providing a specially crafted .blend file. This vulnerability occurs when the application processes a malicious memberindex value without proper validation, leading to an attempt to access memory...

6.8CVSS6.1AI score
Exploits0References6
NVD
NVD
added yesterday6 views

CVE-2026-60103

Blender 3.0.0 through 5.1.2 contains an out-of-bounds read vulnerability that allows attackers to trigger a crash or read adjacent heap memory by supplying a crafted .blend file with a malicious signed short memberindex value in the SDNA block. The memberindex field is used as an array index into...

6.8CVSS
Exploits0References3
CVE
CVE
added yesterday15 views

CVE-2026-60103

Blender 3.0.0–5.1.2 contains an out-of-bounds read via a crafted .blend SDNA block. The signed short member_index is used as an array index into sdna->members[] in sdna_expand_names() without bounds checking, producing an invalid pointer that is then passed to strlen(), causing a SIGSEGV or un...

6.8CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-53877

A flaw was found in Django. Instantiating django.contrib.gis.gdal.GDALRaster with a bytes object representing a raster file can trigger a heap buffer over-read in the vsibuffer property, reading roughly 32 bytes past the end of the allocated buffer. An attacker who can supply crafted raster data...

6.3CVSS6.1AI score0.00291EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

MiracleLinux 8 : php:7.4 (AXSA:2026-1217:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1217:01 advisory. php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References7
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-15109

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS6AI score0.00215EPSS
Exploits0
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-15109

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

0.00215EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 6 days ago4 views

httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the ajpparsedata function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...

7.5CVSS7.1AI score0.00394EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago4 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6.2AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago3 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6.2AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago3 views

httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the ajpparsedata function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...

7.5CVSS7.1AI score0.00394EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week4 views

httpd: mod_proxy_ajp: heap-based buffer over-read and memory disclosure in ajp_parse_data()

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the ajpparsedata function attempts to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue potentially lea...

7.5CVSS6AI score0.00394EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week4 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week6 views

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...

9.8CVSS6.6AI score0.11471EPSS
Exploits9References8
RedHat Linux
RedHat Linux
added last week4 views

kernel: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()

A flaw was found in the Linux kernel's Direct Rendering Manager DRM Graphics Execution Manager GEM component. This vulnerability arises from an inconsistent calculation of plane dimensions, which can lead to incorrect memory allocation checks. A local attacker could exploit this by creating a...

7.8CVSS6.7AI score0.00139EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added last week10 views

kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()

A flaw was found in the Linux kernel's nfnetlinkcthelper component. This vulnerability, an out-of-bounds read, occurs in the nfnlcthelperdumptable function when a network connection tracking helper is removed during a dump operation, leading to a bypassed bounds check. A local attacker could...

7.1CVSS5.9AI score0.00132EPSS
Exploits0References5
NVD
NVD
added 2026/07/07 3:16 p.m.8 views

CVE-2026-53877

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS0.00291EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/07/07 2:10 p.m.4 views

CVE-2026-53877

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS6AI score0.00291EPSS
Exploits0
EUVD
EUVD
added 2026/07/07 2:10 p.m.8 views

EUVD-2026-42044

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS6AI score0.00291EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/07 2:10 p.m.34 views

CVE-2026-53877 Heap buffer over-read in GDALRaster

An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...

6.3CVSS0.00291EPSS
Exploits0References3
Rows per page
Query Builder