Lucene search
K

382 matches found

Veracode
Veracode
added 2025/12/02 6:35 a.m.8 views

Improper Null Termination

python-ldap is vulnerable to an Improper Null Termination. The vulnerability is due to incorrect handling of the NUL byte in escapednchars, where it emits a backslash plus a literal NUL instead of the RFC-4514 \00, allowing attackers to supply crafted input that consistently breaks DN constructio...

6.9CVSS6.9AI score0.00427EPSS
Exploits1References5Affected Software2
Hacker One
Hacker One
added 2025/11/20 3:47 a.m.26 views

curl: Out-of-bounds read in HTTP method handling causes undefined behavior and potential crash This is sharp, Gaurav. We’ve got a real memory-safety bug ins

Summary -​‍​‌‍​‍‌​‍​‌‍​‍‌ Component: libcurl core HTTP handling HTTP/2 request translation and CONNECT detection - Type: out-of-bounds read resulting from missing null-termination - Impact: Behavior not defined by the specification, the program can crash DoS and CONNECT requests can be...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/11/18 9:2 a.m.3 views

kernel: scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

5.5CVSS5.9AI score0.00167EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.6 views

Siemens RUGGEDCOM ROS Devices Improper Check for Unusual or Exceptional Conditions (CVE-2021-42020)

The third-party component, in its TFTP functionality fails to check for null terminations in file names. If an attacker were to exploit this, it could result in data corruption, and possibly a hard-fault of the application. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.4AI score0.0097EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/12 9:56 p.m.6 views

CVE-2025-40198 ext4: avoid potential buffer over-read in parse_apply_sb_mount_options()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parseapplysbmountoptions Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure smountopts is NUL terminated. Harden parseapplysbmountoptions by treating smountopts ...

0.00188EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/11/11 9:13 a.m.2 views

kernel: scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

5.5CVSS5.9AI score0.00167EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/10/31 4:38 p.m.4 views

Astra Linux - уязвимость в curl

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

4.3CVSS7.1AI score0.00786EPSS
Exploits1References2
CVE
CVE
added 2025/10/29 4:50 p.m.18 views

CVE-2025-62792

CVE-2025-62792 affects Wazuh prior to 4.12.0, where a buffer over-read occurs in w_expression_match() because the buffer allocated in OS_CleanMSG() is not properly NULL terminated. This allows a compromised agent to trigger a read beyond the end of the allocated buffer by sending a crafted messag...

7.5CVSS6.5AI score0.0035EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/22 3:31 p.m.5 views

EUVD-2023-60026

In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 "crypto: s390 - add crypto library interface for ChaCha20" added a library interface to the s390 specific ChaCha20 implementation. However no...

4.7AI score0.00193EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/10/10 10:53 p.m.9 views

python-ldap is Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination

Summary ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to construct DNs from untrusted input can be made to consistently fail before a request is sent to the LDAP...

6.9CVSS7.2AI score0.00427EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/10/10 10:4 p.m.19 views

CVE-2025-61912 python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...

6.9CVSS0.00427EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-0768

Malware in sbrugna...

5CVSS6.1AI score0.01774EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-8888

Malware in sbrugna...

10CVSS9.5AI score0.00904EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-4245

Malware in sbrugna...

4.3CVSS5.9AI score0.01899EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-12741

Malware in sbrugna...

7.5CVSS7.5AI score0.01211EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-11919

Malware in sbrugna...

7.8CVSS7.7AI score0.00198EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-9421

Malware in sbrugna...

7.8CVSS7.7AI score0.00281EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-7222

Malware in sbrugna...

4.3CVSS6.4AI score0.00983EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-28579

Malware in sbrugna...

6CVSS6AI score0.0034EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-3542

Malware in sbrugna...

9.1CVSS9AI score0.00959EPSS
Exploits0References2
Rows per page
Query Builder