Lucene search
K

382 matches found

RedHat Linux
RedHat Linux
added yesterday2 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6.2AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2 days ago4 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6AI score0.00485EPSS
Exploits0References5
NVD
NVD
added 4 days ago7 views

CVE-2026-12386

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from =4.1.5 before 4.2.1...

3.9CVSS0.00096EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-12386 Buffer Overflow in TUBITAK BILGEM's Pardus Pen

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from =4.1.5 before 4.2.1...

3.9CVSS0.00096EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-41764

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from =4.1.5 before 4.2.1...

3.9CVSS5.9AI score0.00096EPSS
Exploits0References1
CVE
CVE
added 4 days ago12 views

CVE-2026-12386

CVE-2026-12386 describes an improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen, causing an overflow in buffers. Affected: Pardus Pen versions ≤ 4.1.5, before 4.2.1. The provided documents do not specify the exact vulnerable component, cod...

3.9CVSS5.9AI score0.00096EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 4 days ago11 views

PT-2026-55802

Name of the Vulnerable Software and Affected Versions Pardus Pen versions 4.1.5 through 4.2.0 Description An improper null termination issue in Pardus Pen allows for buffer overflows. This occurs when a string is not properly terminated with a null character, potentially allowing data to overwrit...

3.9CVSS6.1AI score0.00096EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/07/01 3:33 a.m.6 views

CVE-2026-44041 UltraVNC vncWc2Mb calls wcslen() before validating that the wide string is NUL-terminated

UltraVNC through 1.8.2.2 contains an out-of-bounds read in the wide-string to multibyte conversion helper. In rfb/dh.cpp:204, the vncWc2Mb function passes a caller-supplied WCHAR pointer to wcslen before any bounds check. If the caller provides a wide-character buffer that is not properly...

4.3CVSS5.9AI score0.00255EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53150

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Reject zero-length property entries in validator tbpropertyentryvalid accepts entries with length == 0 for DIRECTORY, DATA, and TEXT types. A zero-length TEXT entry passes validation but causes an underflow in the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39241

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Reject zero-length property entries in validator tbpropertyentryvalid accepts entries with length == 0 for DIRECTORY, DATA, and TEXT types. A zero-length TEXT entry passes validation but causes an underflow in the...

5.8AI score0.00128EPSS
Exploits0References8
Redos
Redos
added 2026/06/25 12:0 a.m.4 views

ROS-20260625-73-0003

The vulnerability in gnutls is related to errors that occur when a string or array is terminated with the null character. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

9.8CVSS6.1AI score0.0105EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/23 3:37 a.m.55 views

CVE-2026-55654 Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS0.00308EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/22 3:18 p.m.7 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:13 p.m.5 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS6AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/08 2:21 p.m.10 views

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

A flaw was found in the Linux kernel. A buffer overflow vulnerability exists in the Xen hypervisor driver drivers/xen/sys-hypervisor.c. This flaw occurs because the HYPERVISORxenversionXENVERbuildid function returns a build ID that is not properly null-terminated. When the buildidshow function...

7.8CVSS5.7AI score0.00197EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 11:33 a.m.10 views

USN-8395-1 netatalk vulnerabilities

Arjun Basnet discovered that Netatalk incorrectly sanitized user input in its MySQL CNID backend. A remote authenticated attacker could possibly use this issue to conduct SQL injection attacks. CVE-2026-44047 Arjun Basnet discovered that Netatalk incorrectly handled UCS-2 character set conversion...

9.9CVSS6.2AI score0.00516EPSS
Exploits0References11
Rockylinux
Rockylinux
added 2026/06/04 12:4 p.m.15 views

httpd security update

An update is available for httpd. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful, efficient, and...

9.8CVSS6.3AI score0.01325EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/02 3:24 p.m.9 views

CVE-2026-45678

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond th...

7.5CVSS5.9AI score0.00341EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/01 2:43 a.m.48 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/27 9:42 p.m.21 views

httpd: mod_proxy_ajp: heap-based buffer over-read due to missing null-termination check

A flaw was found in the modproxyajp module of httpd. When processing AJP Apache JServ Protocol messages, the server fails to properly check if a string is null-terminated before attempting to read it, allowing an attacker or a malformed request to cause a heap-based buffer over-read. This issue...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References5
Rows per page
Query Builder