Lucene search
K

6656 matches found

OSV
OSV
added 2026/05/19 12:12 a.m.18 views

OSV-2026-777 Heap-buffer-overflow in md_is_link_title

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=514122612 Crash type: Heap-buffer-overflow READ 1 Crash state: mdislinktitle mdanalyzeinlines mdprocessnormalblockcontents...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/18 12:15 a.m.9 views

OSV-2024-1464 Use-of-uninitialized-value in Splash::compositeBackground

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513891492 Crash type: Use-of-uninitialized-value Crash state: Splash::compositeBackground SplashOutputDev::setSoftMask Gfx::doSoftMask...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/18 12:8 a.m.8 views

OSV-2026-765 Heap-use-after-free in gf_node_get_id

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513783541 Crash type: Heap-use-after-free READ 8 Crash state: gfnodegetid lsrreadcommandlist lsrdecodelaserunit...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/17 12:16 a.m.14 views

OSV-2026-760 Heap-buffer-overflow in md_decode_utf8__

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513677122 Crash type: Heap-buffer-overflow READ 1 Crash state: mddecodeutf8 mdskipunicodewhitespace mdlinklabelhash...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/14 12:10 a.m.9 views

OSV-2026-733 Use-of-uninitialized-value in JBIG2Stream::readSymbolDictSeg

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512468082 Crash type: Use-of-uninitialized-value Crash state: JBIG2Stream::readSymbolDictSeg JBIG2Stream::readSegments JBIG2Stream::rewind...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/14 12:5 a.m.10 views

OSV-2026-727 Global-buffer-overflow in md_start_new_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512429152 Crash type: Global-buffer-overflow READ 4 Crash state: mdstartnewblock mdparse mdhtml...

5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from the plugin resource endpoints’ ability to read the entire request body into memory, leading to unlimited memory allocation. This could potentially cause...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.11 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which arises from the possibility of users continuing to perform operations within a short period after their token permissions for service accounts have been revoked. Thi...

5.9CVSS5.8AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 12:11 a.m.9 views

OSV-2026-717 Stack-use-after-scope in enter_block_callback

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=511831392 Crash type: Stack-use-after-scope READ 4 Crash state: enterblockcallback mdprocessallblocks mdparse...

5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2026/05/11 4:3 p.m.49 views

CVE-2026-33359 Meari unauthenticated alert image access in cloud object storage

In Meari IoT Cloud alert image storage on Alibaba OSS latest observed; storage service version not disclosed, motion snapshots are retrievable without authentication, signed URLs, or expiry enforcement. URLs function as direct object references and remain valid beyond expected operational windows...

7.5CVSS0.00293EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 12:8 a.m.8 views

OSV-2026-712 Heap-buffer-overflow in Mat_VarGetCellsLinear

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=511531637 Crash type: Heap-buffer-overflow READ 8 Crash state: MatVarGetCellsLinear matiostructcellfuzzer.cpp...

5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Meari Alibaba OSS 安全漏洞

Meari Alibaba OSS is an IoT cloud data storage solution developed by Meari Company, which integrates object storage services. There is a security vulnerability in Meari Alibaba OSS. This vulnerability arises from the lack of authentication, signed URLs, and expiration controls in Meari IoT Cloud...

7.5CVSS5.8AI score0.00293EPSS
Exploits0References1
OSV
OSV
added 2026/05/09 12:17 a.m.9 views

OSV-2026-703 Heap-use-after-free in js_atomics_op

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=510792185 Crash type: Heap-use-after-free WRITE 4 Crash state: jsatomicsop jscallcfunction JSCallInternal...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/08 12:2 a.m.9 views

OSV-2026-696 Use-of-uninitialized-value in JXRHandler::read

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=510577322 Crash type: Use-of-uninitialized-value Crash state: JXRHandler::read kimgiofuzzer.cc interceptormalloc...

5.8AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.16 views

SUSE CVE-2026-43126

In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...

7CVSS5.7AI score0.00129EPSS
Exploits0References20
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.8 views

CVE-2026-43126

In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught ...

7.8CVSS6.3AI score0.00129EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.12 views

PT-2026-37193

Name of the Vulnerable Software and Affected Versions Argo Workflows versions 4.0.0 through 4.0.4 Description The workflow executor logs artifact repository credentials in plaintext during artifact operations. This occurs because the logging driver passes the entire ArtifactDriver struct to the...

8.5CVSS5.8AI score0.00357EPSS
Exploits1References14
Vulnrichment
Vulnrichment
added 2026/04/30 9:16 p.m.7 views

CVE-2026-6542 Monitor API allows cross-user read of transaction logs and deletion of build data via flow_id

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flowid to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/30 9:16 p.m.31 views

CVE-2026-6542 Monitor API allows cross-user read of transaction logs and deletion of build data via flow_id

IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flowid to read transaction logs and vertex build data belonging to other users, and to delete persisted vertex build data for another user's flow...

6.5CVSS0.00201EPSS
Exploits0References1
Rows per page
Query Builder