Lucene search
+L

760 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago11 views

Linux Distros Unpatched Vulnerability : CVE-2026-61870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by...

7.5CVSS6.1AI score0.00191EPSS
Exploits0References3
NVD
NVD
added 6 days ago8 views

CVE-2026-61861

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

7.5CVSS0.00323EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-43188

ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution...

6.3CVSS6.2AI score0.00323EPSS
Exploits0References2
CVE
CVE
added 6 days ago19 views

CVE-2026-61870

ImageMagick before 7.1.2-26 contains a memory leak in the VIFF encoder when memory allocation fails. An attacker can trigger allocation failures by processing specially crafted VIFF images to exhaust memory and cause a DoS. Remediation: upgrade to ImageMagick 7.1.2-26 or later; apply vendor patch...

7.5CVSS6.1AI score0.00191EPSS
Exploits0References2Affected Software1
OSV
OSV
added 6 days ago4 views

CVE-2026-61870 ImageMagick before 7.1.2-26 Memory Leak via VIFF Encoder

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the VIFF encoder when memory allocation fails. Attackers can trigger allocation failures by processing specially crafted VIFF images to exhaust available memory and cause denial of service...

2.1CVSS6.1AI score0.00191EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-57446

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-26 Description A use-after-free issue exists in the FormatMagickCaption function. This occurs when memory allocation fails, causing a dangling pointer to reference memory that has already been freed. An...

7.5CVSS6.3AI score0.00323EPSS
Exploits0References18
NVD
NVD
added last week8 views

CVE-2026-56373

ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory...

6.3CVSS0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added last week32 views

CVE-2026-56373 ImageMagick - Use-After-Free Write in PDB Decoder

ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory...

6.3CVSS0.0023EPSS
Exploits0References2
OSV
OSV
added last week3 views

CVE-2026-56373 ImageMagick - Use-After-Free Write in PDB Decoder

ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory...

6.3CVSS6.1AI score0.0023EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 2:16 p.m.6 views

CVE-2026-53335

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...

0.00166EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 1:32 p.m.8 views

EUVD-2026-40968

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: handle ctx allocation failure Patch series "mm/damon/reclaim,lrusort: handle ctx allocation failures". DAMONRECLAIM and DAMONLRUSORT could dereference NULL pointers if their damonctx object allocations fail. The...

6.2AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 1:32 p.m.26 views

CVE-2026-53334

The CVE-2026-53334 entry concerns the Linux kernel’s DAMON subsystem (mm/damon/reclaim). Concrete details show that if damon_ctx allocations fail, code paths may dereference a NULL ctx pointer in the reclaim path, leading to a NULL dereference. The fix patches the init flow so that damon_reclaim_...

6.2AI score0.00166EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 7:40 p.m.2 views

CVE-2026-53291 ALSA: hda/conexant: Fix missing error check for jack detection

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Harfbuzz

HarfBuzz is a text shaping engine. Prior to version 12.3.0, there was a null pointer dereference vulnerability in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check whether hbmalloc returns NULL before using placement new to construct an...

5.3CVSS5.3AI score0.00377EPSS
Exploits1References3
Snyk
Snyk
added 2026/06/10 11:12 p.m.10 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the CheckPrimitiveExtent function. An attacker can cause a crash by triggering a failed memory allocation, leading to use of freed memory. Remediation A fix was pushed into the master branch but not yet published...

8.2CVSS5.3AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/08 3:46 p.m.11 views

EUVD-2026-35170

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

5.4AI score0.001EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 8:16 p.m.21 views

CVE-2026-47271

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc, xrealloc, and xstrdup using assertdata != NULL. The C standard specifies that all assert expressions are compiled out when NDEBUG is defined at...

5.1CVSS0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 8:8 p.m.13 views

EUVD-2026-32654

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc, xrealloc, and xstrdup using assertdata != NULL. The C standard specifies that all assert expressions are compiled out when NDEBUG is defined at...

5.1CVSS5.8AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:33 p.m.15 views

EUVD-2026-32362

In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtdinteldg.c:750:15 index 0 is o...

5.8AI score0.00162EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.42 views

CVE-2026-46010 rxrpc: Fix error handling in rxgk_extract_token()

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

8.1CVSS0.00403EPSS
Exploits0References3
Rows per page
Query Builder