Lucene search
+L

2232 matches found

BDU FSTEC
BDU FSTEC
added yesterday21 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
OSV
OSV
added 2 days ago8 views

UBUNTU-CVE-2026-61868

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memo...

6.3CVSS6.1AI score0.00222EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 4 days ago5 views

Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

Memory allocation with excessive size value in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

7.5CVSS6.1AI score0.00816EPSS
Exploits0
NVD
NVD
added 2026/07/08 3:16 p.m.8 views

CVE-2026-10699

Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.5CVSS0.00283EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.8 views

PT-2026-56453

Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer Custom Reports modules. This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/01 9:19 p.m.4 views

Use of Uninitialized Resource

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

6.9CVSS6AI score0.00197EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:11 p.m.7 views

CVE-2026-24266

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...

5.9CVSS5.8AI score0.00717EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/30 11:16 a.m.4 views

DEBIAN-CVE-2026-53916

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. An unauthenticated client that opens a STOMP NIO connection can send header bytes that never terminate which makes the broker buffer them without limit, exhausting the JVM hea...

7.5CVSS5.9AI score0.00796EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/30 8:26 a.m.13 views

CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : SQLite vulnerabilities (USN-8480-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8480-1 advisory. It was discovered that SQLite incorrectly handled certain memory operations in the FTS5 full-text search extension. An...

8.5CVSS7.2AI score0.00175EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-549 TensorFlow has a heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation

Impact Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or RCE. When axis is larger than the dim of input, c-Diminput,axis goes out of bound. Same problem occurs in the QuantizeAndDequantizeV2/V3/V4/V4Gra...

9.8CVSS6.7AI score0.00831EPSS
Exploits1References6
CVE
CVE
added 2026/06/28 10:30 p.m.14 views

CVE-2026-13511

CVE-2026-13511 affects VoltAgent up to 2.1.17, specifically the Memory REST API’s memory.handlers.ts function handleGetMemoryConversation. The issue arises from manipulating the argument conversationId, leading to improper authorization. Exploitation is described as possible from remote, with hig...

3.1CVSS5.2AI score0.0022EPSS
Exploits0References7
OSV
OSV
added 2026/06/26 5:2 p.m.5 views

GHSA-XV9W-7V6Q-HPJH fluent-plugin-s3 Vulnerable to Denial of Service (DoS) via Decompression Bomb in `in_s3`

The fluent-plugin-s3 plugin specifically the ins3 input plugin supports reading and decompressing heavily compressed files such as gzip, lzma2, and lzop from Amazon S3. It was discovered that the plugin read the entire decompressed payload into memory at once without enforcing a strict size limit...

2.7CVSS5.8AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:18 a.m.11 views

CVE-2026-53247

A flaw was found in the Linux kernel's ethernet driver for MediaTek mtkethsoc network devices. This vulnerability, a 'use-after-free', occurs when the system attempts to free a memory region while it is still being used by network packet processing. This can allow a local attacker to trigger syst...

9.8CVSS5.9AI score0.00507EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/25 10:33 a.m.4 views

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

7.5CVSS7AI score0.01052EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.6 views

mod_http2: Apache HTTP Server: HTTP/2 DoS by Memory Increase

A flaw was found in Apache HTTP Server. This late release of memory after effective lifetime vulnerability allows a remote, unauthenticated attacker to cause a denial of service DoS. The vulnerability can lead to resource exhaustion, making the server unavailable to legitimate users...

7.5CVSS5.8AI score0.04409EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.9 views

Amazon Linux 2 : webkitgtk4, --advisory ALAS2-2026-3381 (ALAS-2026-3381)

The version of webkitgtk4 installed on the remote host is prior to 2.52.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3381 advisory. The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7....

8.8CVSS6.8AI score0.00693EPSS
Exploits0References34
Redos
Redos
added 2026/06/22 12:0 a.m.7 views

ROS-20260622-73-0011

The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS6.5AI score0.00375EPSS
Exploits0
Redos
Redos
added 2026/06/17 12:0 a.m.8 views

ROS-20260617-73-0006

The vulnerability in ImageMagick 7 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.2CVSS8.6AI score0.0042EPSS
Exploits0
OSV
OSV
added 2026/06/16 8:41 a.m.6 views

USN-8432-1 freerdp2, freerdp3 vulnerabilities

It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to an out-of-bounds heap write. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2026-45700 In addition, this update fixes a regression...

9.8CVSS5.7AI score0.00502EPSS
Exploits1References3
Rows per page
Query Builder