Lucene search
+L

2348 matches found

NVD
NVD
added 17 hours ago8 views

CVE-2026-60060

Improper Handling of Length Parameter Inconsistency CWE-130 vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of...

6.3CVSS
Exploits0References3
EUVD
EUVD
added 18 hours ago7 views

EUVD-2026-45140

Unsigned to Signed Conversion Error CWE-196 vulnerability exists in TTSSH2 plugin of Tera Term provided by TeraTerm Project. When Tera Term attempts to establish an SSH connection to a server set up by an attacker, out-of-bounds read/write may occur. As a result, the contents of adjacent memory...

6.3CVSS6.6AI score
Exploits0References3
Cvelist
Cvelist
added yesterday40 views

CVE-2026-3842 Qemu-kvm: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host oob write

A flaw was found in QEMU. This vulnerability allows a local attacker within a guest virtual machine to write data beyond its allocated memory. This occurs when cpuphysicalmemorymap returns a shorter length than expected, leading to an out-of-bounds write. Successful exploitation could result in...

7.8CVSS0.00111EPSS
Exploits0References2
CVE
CVE
added 2 days ago16 views

CVE-2026-14961

CVE-2026-14961 affects Pegatron tdeio64.sys exposing the .�5cTdeIo device. The IOCTL dispatch lacks privilege validation and does not validate user-supplied kernel addresses, allowing arbitrary kernel memory read/write and privilege escalation to NT AUTHORITY\SYSTEM. The linked explainer also not...

6.2CVSS6.2AI score0.00121EPSS
Exploits1References1
NVD
NVD
added 3 days ago5 views

CVE-2026-47976

Media Encoder is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00235EPSS
Exploits0References1
CVE
CVE
added 4 days ago22 views

CVE-2026-9492

CVE-2026-9492 affects Gigabyte Control Center (GCC) MBStorage DRAM lighting control module. The vulnerability resides in the MyPortIO_x64.sys driver, where improper access control allows authenticated local attackers to issue IOCTL commands that can read and write physical memory, leading to kern...

8.5CVSS6.1AI score0.00109EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/10 8:57 p.m.7 views

EUVD-2026-43043

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory write outside the permitted range of memory for the host kernel. A TOCTOU bug existed where a malicious driver could modify values in memory after firmware validation but befo...

6.1AI score0.00092EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 5:16 a.m.8 views

CVE-2026-21057

Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory...

6.8CVSS0.00116EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 5:16 a.m.10 views

CVE-2026-21045

Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS0.00379EPSS
Exploits1References1
NVD
NVD
added 2026/07/10 5:16 a.m.9 views

CVE-2026-21048

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS0.00379EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:58 a.m.9 views

CVE-2026-21057

Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory...

6.8CVSS5.9AI score0.00116EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/10 4:58 a.m.34 views

CVE-2026-21057

Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory...

6.8CVSS0.00116EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/10 4:58 a.m.9 views

EUVD-2026-42818

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS6AI score0.00379EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/07/10 4:58 a.m.39 views

CVE-2026-21048

Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS0.00379EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/07/10 4:58 a.m.6 views

CVE-2026-21045

Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS6AI score0.00379EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/07/10 4:58 a.m.31 views

CVE-2026-21045

Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory...

8.3CVSS0.00379EPSS
Exploits1References1
OSV
OSV
added 2026/07/09 6:40 p.m.2 views

SUSE-SU-2026:2829-1 Security update for libaom

This update for libaom fixes the following issues: - CVE-2026-56208: untrusted encoder configuration inputs can lead to a heap-based buffer overflow and a process crash bsc1268650. - CVE-2026-56209: crafted video frames with specific Y-plane pixel values can lead to an arbitrary memory write...

7.6CVSS6.6AI score0.00414EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/07/08 9:12 p.m.8 views

Serena: Unauthenticated Flask dashboard on fixed port enables DNS rebinding → memory poisoning → RCE

Summary Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port TCP 24282, hardcoded as 0x5EDA in constants.py. The server has no authentication, no CSRF protection, and no Host header validation. A DNS rebinding attack allows a malicious webpage to reach...

8.3CVSS6.7AI score0.00237EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2026/07/08 3:22 p.m.4 views

kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

7.8CVSS5.9AI score0.00123EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/08 12:37 a.m.8 views

EUVD-2026-42126

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary userid parameters or...

9.8CVSS6AI score0.00498EPSS
Exploits0References5
Rows per page
Query Builder