Lucene search
+L

126072 matches found

bdu_fstec
bdu_fstec
added 2 hours ago17 views

The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.

The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

7CVSS6.1AI score0.0013EPSS
Exploits0References5Affected Software2
nvd
nvd
added 12 hours ago6 views

CVE-2026-3842

A flaw was found in QEMU. This vulnerability allows a local attacker within a guest virtual machine to write data beyond its allocated memory. This occurs when cpuphysicalmemorymap returns a shorter length than expected, leading to an out-of-bounds write. Successful exploitation could result in...

7.8CVSS
Exploits0References3
cvelist
cvelist
added 13 hours ago13 views

CVE-2026-3842 Qemu-kvm: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host oob write

A flaw was found in QEMU. This vulnerability allows a local attacker within a guest virtual machine to write data beyond its allocated memory. This occurs when cpuphysicalmemorymap returns a shorter length than expected, leading to an out-of-bounds write. Successful exploitation could result in...

7.8CVSS
Exploits0References2
cve
cve
added 13 hours ago18 views

CVE-2026-3842

CVE-2026-3842 affects QEMU (hyperf/syndbg path) where a missing mapped-length guard after calling cpu_physical_memory_map() enables a local attacker inside a guest VM to perform an out-of-bounds write. The root cause is that cpu_physical_memory_map() can return a shorter length than expected, tri...

7.8CVSS6.9AI score
Exploits0References2
redhatcve
redhatcve
added yesterday4 views

CVE-2026-15685

A flaw was found in Ollama. This vulnerability allows remote attackers to create a denial-of-service DoS condition on affected installations. The issue occurs within the downloadBlob function due to improper validation of user-supplied data, which can lead to memory access beyond the bounds of an...

7.5CVSS6.9AI score0.00391EPSS
Exploits0References4
cve
cve
added yesterday8 views

CVE-2026-50144

ncnn (mobile-optimized neural network framework) contains an out-of-bounds heap write in ParamDict::load_param() when loading a malicious .param model, caused by a negative parameter id indexing before params[NCNN_MAX_PARAM_COUNT]. This is exploitable via Net::load_param() and is fixed by commit ...

7.1CVSS6.1AI score0.00018EPSS
Exploits0References2
nvd
nvd
added yesterday5 views

CVE-2026-62349

TDengine is an open source, time-series database optimized for Internet of Things devices. In 3.4.1.6 and earlier, source/libs/parser/src/parUtil.c trimString checks space for only one byte before processing SQL string escape sequences %, , or \x, allowing a one-byte out-of-bounds write to the...

8.3CVSS
Exploits0References1
nvd
nvd
added yesterday5 views

CVE-2026-62351

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, source/libs/transport/src/transComm.c transDecompressMsg read STransCompMsg.contLen when pHead-comp == 1 without first validating that the RPC packet contained the 8-byte STransCompMsg structure, causi...

7.5CVSS
Exploits0References1
cve
cve
added yesterday7 views

CVE-2026-62353

TDengine before version 3.4.1.14 contains an out-of-bounds read in the SQL lexer (parTokenizer.c tGetToken) where a trailing backslash in a string literal can cause the parser to read beyond the null terminator, potentially crashing the server and leaking adjacent memory. The issue requires an au...

5.4CVSS6.1AI score
Exploits0References1
cve
cve
added yesterday8 views

CVE-2026-62351

TDengine before 3.4.1.15 is affected. In transDecompressMsg() within source/libs/transport/src/transComm.c, the code reads STransCompMsg.contLen when pHead->comp == 1 without first validating that the RPC packet contains the 8-byte STransCompMsg structure. This can cause an unauthenticated out...

7.5CVSS6.1AI score
Exploits0References1
nvd
nvd
added yesterday4 views

CVE-2026-10673

The Zephyr ADIN2111/ADIN1110 10BASE-T1S/T1L Ethernet driver drivers/ethernet/ethadin2111.c reassembles received Ethernet frames in OPEN Alliance OA SPI mode by copying device-supplied 64-byte data chunks into a fixed static buffer ctx-buf of size CONFIGETHADIN2111BUFFERSIZE default 1524 bytes. In...

8.3CVSS
Exploits0References3
osv
osv
added yesterday4 views

MGASA-2026-0253 Updated openssl packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion. CVE-2026-7383 Out-of-Bounds Read in CMS Password-Based Decryption. CVE-2026-9076 Heap Buffer Over-read in ASN.1 Content Parsing. CVE-2026-34180 PKCS12 Files with PBMAC1 Are...

9.1CVSS6.1AI score0.02719EPSS
Exploits0References8
redhat
redhat
added yesterday3 views

kernel: smb: client: fix OOB reads parsing symlink error response

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...

8.1CVSS6.6AI score0.00378EPSS
Exploits0References5
euvd
euvd
added yesterday4 views

EUVD-2026-44657

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

4CVSS6.1AI score
Exploits0References4
cve
cve
added yesterday4 views

CVE-2026-58553

CVE-2026-58553 is described as an out-of-bounds read in the image codec module with potential impact to service confidentiality. Metrics show CVSSv3.1: Local attack vector, Low attack complexity, No privileges required, No user interaction, Confidentiality impact None, Integrity impact None, Avai...

4CVSS6.1AI score
Exploits0References4
cvelist
cvelist
added yesterday17 views

CVE-2026-58553

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

4CVSS
Exploits0References4
euvd
euvd
added yesterday6 views

EUVD-2026-44656

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.1CVSS6.1AI score
Exploits0References4
cvelist
cvelist
added yesterday18 views

CVE-2026-58552

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.1CVSS
Exploits0References4
cve
cve
added yesterday6 views

CVE-2026-58552

CVE-2026-58552 describes an out-of-bounds read in the image codec module. The CVSS v3.1 base score is 5.1 (MEDIUM); attack vector: LOCAL , no privileges required, no user interaction. Impacts: confidentiality and availability may be affected; integrity: NONE . The connected documents provide no c...

5.1CVSS6.1AI score
Exploits0References4
euvd
euvd
added yesterday5 views

EUVD-2026-44655

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.1CVSS6.1AI score
Exploits0References4
Rows per page
Query Builder