Lucene search
K

106 matches found

Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-48337 Illustrator | Out-of-bounds Write (CWE-787)

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00138EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added last week3 views

netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message

A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2TYPESSL TLV Type-Length-Value header. This can lead to an IndexOutOfBoundsException...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 1:43 p.m.7 views

EUVD-2026-39354

In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observe...

7.1CVSS5.8AI score0.00249EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in opencolorio

A vulnerability was discovered in AcademySoftwareFoundation OpenColorIO version 2.5.0. This issue affects the ConvertToRegularExpression function in the src/OpenColorIO/FileRules.cpp file. Performing certain manipulations can lead to an out-of-bounds read vulnerability. The attack can be carried...

4.8CVSS5.3AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: High...

9.6CVSS7.2AI score0.00585EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tunnels: Fixed the crash when generating IPV4 PMTU errors due to KASAN. If we attempt to emit an ICMP error in response to a non-linear SKB, we encounter the following issue: Bug: KASAN: Out-of-bounds access in...

7.1CVSS6AI score0.0014EPSS
Exploits0References2
OSV
OSV
added 2026/04/06 10:16 p.m.5 views

DEBIAN-CVE-2026-35444

SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...

6.1CVSS5.4AI score0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the dpaa2-switch interrupt handler not clearing the interrupt state after detecting an out-of-bounds...

7.8CVSS7AI score0.00123EPSS
Exploits0References6
OSV
OSV
added 2026/03/30 12:0 a.m.3 views

ALSA-2026:6004 Important: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write ...

8.8CVSS6.5AI score0.00591EPSS
Exploits2References6
OSV
OSV
added 2026/03/27 1:33 a.m.5 views

SUSE-SU-2026:1101-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.3 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in...

7.8CVSS6.6AI score0.00278EPSS
Exploits0References19
OSV
OSV
added 2026/03/24 4:49 p.m.3 views

SUSE-SU-2026:20882-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in cryptmessag...

7.8CVSS6.8AI score0.00278EPSS
Exploits0References15
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.9 views

OpenHarmony 缓冲区错误漏洞

OpenHarmony is an open-source project for a Harmony operating system developed by the OpenAtom Foundation in China. Versions of OpenHarmony prior to v5.1.0 contained a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which could allow local attackers to execute...

7.8CVSS6.4AI score0.0016EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25626

in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2026/03/12 2:16 p.m.6 views

GHSA-5GGV-92R5-CP4P ImageMagick has Heap Buffer Overflow in WaveletDenoiseImage

A crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. ================================================================= ==661320==ERROR: AddressSanitizer:...

5.5CVSS5.8AI score0.00106EPSS
Exploits0References4
Snyk
Snyk
added 2026/03/11 8:42 p.m.4 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the Track::load function. An attacker can cause a denial of service by triggering an out-of-bounds read by sending malformed stsz/stts combination with more samples than are covered by stsc. Remediation A fix was...

4.8CVSS5.8AI score0.00117EPSS
Exploits0References2
OSV
OSV
added 2026/02/18 2:47 p.m.21 views

CLSA-2026-1771241609 kernel: Fix of 13 CVEs

vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...

7.8CVSS7AI score0.00295EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 8:16 p.m.4 views

CVE-2025-29949

Insufficient input parameter sanitization in AMD Secure Processor ASP Boot Loader legacy recovery mode only could allow an attacker to write out-of-bounds to corrupt Secure DRAM potentially resulting in denial of service...

4.8CVSS0.00134EPSS
Exploits0References1
NVD
NVD
added 2026/02/09 10:16 p.m.11 views

CVE-2026-25920

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, a heap out-of-bounds read vulnerability exists in SumatraPDF's MOBI HuffDic decompressor. The bounds check in AddCdicData only validates half the range that DecodeOne actually accesses. Opening a crafted .mobi file can read...

5.5CVSS0.00217EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/01/30 1:37 a.m.13 views

SUSE CVE-2020-37011

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...

8.4CVSS5.8AI score0.00411EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/16 11:55 p.m.7 views

CVE-2025-10888

AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.6AI score0.00218EPSS
Exploits0References1
Rows per page
Query Builder