Lucene search
K

297 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.13 views

EUVD-2025-17586

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00139EPSS
Exploits0References7
Redos
Redos
added 2025/09/10 12:0 a.m.4 views

ROS-20250910-05

Vulnerability of the library for working with DICOM DCMTK format is related to dereferencing of the NULL pointer in the /libsrc/dcrleccd.cc component using a created DICOM file. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability ...

8.1CVSS7AI score0.01692EPSS
Exploits4
Veracode
Veracode
added 2025/08/07 1:18 p.m.3 views

Buffer Overflow

libtiff.so is vulnerable to Buffer Overflow. The vulnerability is due to unsafe memory manipulation in the setrow function within tools/thumbnail.c, leading to a local buffer overflow...

7.8CVSS5AI score0.00271EPSS
Exploits1References9Affected Software2
RedhatCVE
RedhatCVE
added 2025/08/01 12:6 a.m.3 views

CVE-2025-53022

TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade FWU module does not validate the length field of the Type-Length-Value TLV structure for dependen...

8.6CVSS7.4AI score0.0043EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/30 12:0 a.m.4 views

CVE-2025-53022

TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade FWU module does not validate the length field of the Type-Length-Value TLV structure for dependen...

6.7AI score0.0043EPSS
Exploits0References3
CVE
CVE
added 2025/07/30 12:0 a.m.29 views

CVE-2025-53022

Summary of CVE-2025-53022 (TrustedFirmware-M TLV vulnerability) TrustedFirmware-M (for Arm M profile) before 2.1.3 and 2.2.x before 2.2.1 lacks length validation in the Firmware Upgrade (FWU) module when processing TLV structures for dependent components. If the TLV length exceeds the allocated s...

8.6CVSS6.7AI score0.0043EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/30 12:0 a.m.10 views

CVE-2025-53022

TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade FWU module does not validate the length field of the Type-Length-Value TLV structure for dependen...

0.0043EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.7 views

The vulnerability of the setparentcontrolinfo() function in Tenda AC6 router software allows a hacker to trigger a service failure.

The vulnerability of the setparentcontrolinfo function in Tenda AC6 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

9CVSS8.1AI score0.00781EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/10 11:22 a.m.17 views

CVE-2025-21006

Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory...

7.8CVSS7AI score0.00123EPSS
Exploits0References1
CVE
CVE
added 2025/07/08 10:34 a.m.27 views

CVE-2025-21006

CVE-2025-21006 describes an out-of-bounds write in the MPEG-4 macroblock handling of the libsavsvc.so library, affecting some Samsung/Android components prior to Android 15. The underlying issue is a memory corruption risk due to improper handling of macro blocks in the MPEG4 codec, allowing a lo...

7.8CVSS6.9AI score0.00123EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 9:20 p.m.9 views

CVE-2021-23887

Privilege Escalation vulnerability in McAfee Data Loss Prevention DLP Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting...

7.8CVSS6.9AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:27 p.m.10 views

CVE-2021-26096

Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments...

8.8CVSS7.3AI score0.00768EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:33 p.m.9 views

CVE-2020-27485

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index...

9.9CVSS6.8AI score0.01625EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/03/30 8:20 p.m.25 views

CVE-2025-2925

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...

3.3CVSS7.1AI score0.00242EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/03/30 6:16 a.m.16 views

CVE-2025-2027

A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending specially crafted local RPC requests, leading to the service crash and potentially memory manipulation in some rare circumstances. Refer to the 'Security Update for...

5.9CVSS7.1AI score0.00159EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 8:15 p.m.6 views

AZL-59343 CVE-2025-2925 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...

5.5CVSS4.5AI score0.00242EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2025/03/28 8:0 p.m.13 views

CVE-2025-2925

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...

5.5CVSS3.7AI score0.00242EPSS
Exploits1
NVD
NVD
added 2025/03/28 6:15 a.m.23 views

CVE-2025-2027

A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending specially crafted local RPC requests, leading to the service crash and potentially memory manipulation in some rare circumstances. Refer to the 'Security Update for...

5.9CVSS0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/28 5:34 a.m.19 views

CVE-2025-2027

A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending specially crafted local RPC requests, leading to the service crash and potentially memory manipulation in some rare circumstances. Refer to the 'Security Update for...

5.9CVSS0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/28 5:34 a.m.9 views

CVE-2025-2027

A double free vulnerability has been identified in the ASUS System Analysis service. This vulnerability can be triggered by sending specially crafted local RPC requests, leading to the service crash and potentially memory manipulation in some rare circumstances. Refer to the 'Security Update for...

5.9CVSS7AI score0.00159EPSS
Exploits0References1
Rows per page
Query Builder