Lucene search
K

2219 matches found

BDU FSTEC
BDU FSTEC
•added yesterday•17 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
NVD
NVD
•added 6 days ago•7 views

CVE-2026-10699

Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.5CVSS0.00283EPSS
Exploits0References1
Positive Technologies
Positive Technologies
•added 6 days ago•7 views

PT-2026-56453

Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
•added 2026/07/01 3:11 p.m.•6 views

CVE-2026-24266

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...

5.9CVSS5.8AI score0.00717EPSS
Exploits0References4Affected Software1
OSV
OSV
•added 2026/06/30 11:16 a.m.•2 views

DEBIAN-CVE-2026-53916

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...

7.5CVSS5.9AI score0.00796EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2026/06/30 8:26 a.m.•13 views

CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References4
OSV
OSV
•added 2026/06/29 11:50 a.m.•7 views

PYSEC-2026-549 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
CVE
CVE
•added 2026/06/28 10:30 p.m.•12 views

CVE-2026-13511

CVE-2026-13511 affects VoltAgent up to 2.1.17, specifically the Memory REST API’s memory.handlers.ts function handleGetMemoryConversation. The issue arises from manipulating the argument conversationId, leading to improper authorization. Exploitation is described as possible from remote, with hig...

3.1CVSS5.2AI score0.0022EPSS
Exploits0References7
OSV
OSV
•added 2026/06/26 5:2 p.m.•4 views

GHSA-XV9W-7V6Q-HPJH fluent-plugin-s3 Vulnerable to Denial of Service (DoS) via Decompression Bomb in `in_s3`

The fluent-plugin-s3 plugin specifically the ins3 input plugin supports reading and decompressing heavily compressed files such as gzip, lzma2, and lzop from Amazon S3. It was discovered that the plugin read the entire decompressed payload into memory at once without enforcing a strict size limit...

2.7CVSS5.8AI score
Exploits0References3
RedhatCVE
RedhatCVE
•added 2026/06/26 12:18 a.m.•9 views

CVE-2026-53247

A flaw was found in the Linux kernel's ethernet driver for MediaTek mtkethsoc network devices. This vulnerability, a 'use-after-free', occurs when the system attempts to free a memory region while it is still being used by network packet processing. This can allow a local attacker to trigger syst...

9.8CVSS5.9AI score0.00507EPSS
Exploits0References4
RedHat Linux
RedHat Linux
•added 2026/06/25 10:33 a.m.•4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
•added 2026/06/22 3:13 p.m.•5 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References5
Redos
Redos
•added 2026/06/22 12:0 a.m.•5 views

ROS-20260622-73-0011

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS6.5AI score0.00375EPSS
Exploits0
Tenable Nessus
Tenable Nessus
•added 2026/06/22 12:0 a.m.•8 views

Amazon Linux 2 : webkitgtk4, --advisory ALAS2-2026-3381 (ALAS-2026-3381)

The version of webkitgtk4 installed on the remote host is prior to 2.52.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3381 advisory. The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7....

8.8CVSS6.8AI score0.00693EPSS
Exploits0References34
Redos
Redos
•added 2026/06/17 12:0 a.m.•7 views

ROS-20260617-73-0006

The vulnerability in ImageMagick 7 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.2CVSS8.6AI score0.0042EPSS
Exploits0
OSV
OSV
•added 2026/06/16 8:41 a.m.•5 views

USN-8432-1 freerdp2, freerdp3 vulnerabilities

It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to an out-of-bounds heap write. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-45700 In addition, this update fixes a regression...

9.8CVSS5.7AI score0.0049EPSS
Exploits1References3
Redos
Redos
•added 2026/06/16 12:0 a.m.•8 views

ROS-20260616-73-0022

The vulnerability in ImageMagick is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

8.1CVSS5.5AI score0.00334EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2026/06/15 2:0 p.m.•15 views

Chromium: CVE-2026-12007 Use after freeĀ  Core

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.2AI score0.00287EPSS
Exploits0
Redos
Redos
•added 2026/06/15 12:0 a.m.•8 views

ROS-20260615-73-0010

The vulnerability of the RDP client FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.5CVSS5.4AI score0.00427EPSS
Exploits0
Redos
Redos
•added 2026/06/15 12:0 a.m.•11 views

ROS-20260615-73-0029

The vulnerability of the xfclipboardformatequal function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

9.8CVSS8.3AI score0.00567EPSS
Exploits1
Rows per page
Query Builder