Lucene search
+L

389 matches found

Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.15 views

PT-2026-8018

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

5.5CVSS6AI score0.0024EPSS
Exploits1References4
OSV
OSV
added 2026/02/04 5:16 p.m.7 views

UBUNTU-CVE-2026-23092

In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...

7.8CVSS5.9AI score0.00186EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/04 4:8 p.m.36 views

CVE-2026-23092 iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source

In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...

0.00186EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:14 a.m.10 views

CVE-2019-2277

Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, ...

7.8CVSS7.3AI score0.00198EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/01/08 1:22 p.m.5 views

Security update for php8

This update for php8 fixes the following issues: Security fixes: CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element cou...

8.3CVSS7.5AI score0.00573EPSS
Exploits4References12
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.5 views

CVE-2026-21488

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...

6.1CVSS6.8AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/01/06 2:15 p.m.14 views

CVE-2026-21488

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...

7.1CVSS0.00123EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/06 1:52 p.m.4 views

CVE-2026-21488 iccDEV has Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...

6.1CVSS6.4AI score0.00123EPSS
Exploits0References2
CVE
CVE
added 2026/01/06 1:52 p.m.19 views

CVE-2026-21488

iccDEV is affected in versions 2.3.1.1 and earlier. The root cause is in CIccTagText::Read, leading to multiple issues: Out-of-bounds Read, Heap-based Buffer Overflow, and Improper Null Termination. The vulnerability is fixed in version 2.3.1.2. According to the connected Red Hat and NVD/OSV reco...

7.1CVSS6.4AI score0.00123EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/01/06 1:52 p.m.6 views

EUVD-2026-1157

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...

6.1CVSS6.3AI score0.00123EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/06 1:52 p.m.42 views

CVE-2026-21488 iccDEV has Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...

6.1CVSS0.00123EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.15 views

PT-2026-1432

Name of the Vulnerable Software and Affected Versions iccDEV versions 2.3.1.1 and below Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are susceptible to an Out-of-bounds Read, Heap-based Buffer Overflow, and Improper...

6.1CVSS6.7AI score0.00123EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-6162

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write issue exists in the IIO DAC AD3552R-HS driver within the Linux kernel. The issue occurs because the code incorrectly uses a potentially oversized 'count' value as ...

7.8CVSS5.9AI score0.00186EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993229)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993229 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokva...

5.5CVSS6.3AI score0.00189EPSS
Exploits0References4
OSV
OSV
added 2025/12/30 1:16 p.m.13 views

UBUNTU-CVE-2022-50871

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...

5.7AI score0.00166EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/30 12:15 p.m.27 views

CVE-2022-50871 wifi: ath11k: Fix qmi_msg_handler data structure initialization

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...

0.00166EPSS
Exploits0References3
CVE
CVE
added 2025/12/30 12:15 p.m.17 views

CVE-2022-50871

The CVE-2022-50871 entry concerns the Linux kernel component wifi: ath11k, specifically the qmi_msg_handler data structure initialization. The issue could allow an infinite loop while searching for a handler when a msg-id handler is missing from the handlers array, leading to out-of-bounds access...

6.1AI score0.00166EPSS
Exploits0References3
OSV
OSV
added 2025/12/30 12:15 p.m.7 views

CVE-2022-50871 wifi: ath11k: Fix qmi_msg_handler data structure initialization

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...

6.3AI score0.00166EPSS
Exploits0References6
OSV
OSV
added 2025/12/30 12:10 p.m.7 views

CVE-2022-50828 clk: zynqmp: Fix stack-out-of-bounds in strncpy`

In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is longer than 15 bytes, string terminated NULL...

6.5AI score0.00206EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992192)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992192 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinitdcmds This patch fixes a...

7.8CVSS6.7AI score0.00153EPSS
Exploits0References4
Rows per page
Query Builder