Lucene search
K

146 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in netcdf

The ezxmlnew function in ezXML 0.8.6 and earlier is vulnerable to OOB write attacks when opening an XML file after exhausting the memory pool...

8.1CVSS7.2AI score0.01178EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, during the parsing of a crafted XML file, performs incorrect memory handling, resulting in an over-reading of the heap-based buffer in the “normalize line endings” feature...

6.5CVSS6.7AI score0.01169EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability in netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxmlparse functions improperly handle XML entities, resulting in an infinite loop where memory allocation occurs...

6.5CVSS6.6AI score0.01169EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in netcdf

The ezxmltoxml function in ezxml 0.8.6 and earlier is vulnerable to out-of-band OOB writes when opening an XML file after exhausting the memory pool...

8.1CVSS7.2AI score0.01178EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.9 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.5AI score0.00102EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 8:44 a.m.11 views

BIT-GDAL-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.6AI score0.00102EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.15 views

SUSE CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS6.7AI score0.00102EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:16 a.m.6 views

DEBIAN-CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.7AI score0.00102EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 2:16 a.m.15 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS0.00102EPSS
Exploits0References1
PyPA
PyPA
added 2026/05/27 2:16 a.m.12 views

PYSEC-2026-193

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.5AI score0.00102EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/27 2:16 a.m.17 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS6.7AI score0.00102EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 2:16 a.m.9 views

UBUNTU-CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.7AI score0.00102EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 1:39 a.m.10 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS6.7AI score0.00102EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 1:39 a.m.15 views

EUVD-2026-32039

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS6.7AI score0.00102EPSS
Exploits0References1
CVE
CVE
added 2026/05/27 1:39 a.m.30 views

CVE-2026-49014

CVE-2026-49014 affects GDAL versions 3.1.0–3.13.0 via the netCDF driver. The vulnerability resides in scanForGeometryContainers (frmts/netcdf/netcdfsg.cpp), where a geometry attribute is read into a fixed-size stack buffer without validating its length, allowing a stack-based buffer overflow that...

7.8CVSS6.7AI score0.00102EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 1:39 a.m.14 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.7AI score0.00102EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/27 1:39 a.m.10 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.8CVSS6.7AI score0.00102EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 1:39 a.m.34 views

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS0.00102EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-43475

Name of the Vulnerable Software and Affected Versions GDAL versions 3.1.0 through 3.13.0 Description The netCDF driver contains a stack-based buffer overflow in the scanForGeometryContainers function located in frmts/netcdf/netcdfsg.cpp. The issue occurs because the function reads a geometry...

7.8CVSS6.5AI score0.00102EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.15 views

GDAL 安全漏洞

GDAL is an open-source geospatial data abstraction library developed by the GDAL community. Versions 3.1.0 to 3.13.0 of GDAL contain security vulnerabilities. These vulnerabilities stem from the scanForGeometryContainers function in the netCDF driver, which reads geometric properties into a...

7.4CVSS6AI score0.00102EPSS
Exploits0References1
Rows per page
Query Builder