Lucene search
K

252 matches found

OSV
OSV
added 2026/06/28 2:16 a.m.3 views

DEBIAN-CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/06/28 2:16 a.m.30 views

CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS0.00217EPSS
Exploits0References6
OSV
OSV
added 2026/06/28 2:16 a.m.4 views

UBUNTU-CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/28 1:32 a.m.8 views

CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/28 1:32 a.m.7 views

CVE-2026-58049 FFmpeg - Out-of-Bounds Write in RASC Decoder decode_dlta()

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/28 1:32 a.m.8 views

EUVD-2026-39969

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/28 1:32 a.m.6 views

CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0
CVE
CVE
added 2026/06/28 1:32 a.m.55 views

CVE-2026-58049

CVE-2026-58049 concerns FFmpeg’s RASC video decoder (decode_dlta in libavcodec/rasc.c). The issue arises when the code performs 32-bit reads/writes at the row cursor before the NEXT_LINE boundary check and validates the DLTA region in pixels rather than bytes. On PAL8 frames, this enables a DLTA ...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.12 views

PT-2026-53081

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to the latest patch Description The RASC video decoder in libavcodec contains a flaw where the decode dlta function in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXT LINE row-boundary...

8.8CVSS6AI score0.00217EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/04 10:3 a.m.14 views

CVE-2026-8036

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

8.4CVSS5.9AI score0.00107EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 8:16 p.m.13 views

CVE-2026-8035

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

7.1CVSS0.00096EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 8:16 p.m.18 views

CVE-2026-8036

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

8.4CVSS0.00107EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 5:26 p.m.9 views

CVE-2026-8036 Local privilege escalation in NI-PAL

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

8.4CVSS5.9AI score0.00107EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 5:26 p.m.35 views

CVE-2026-8036 Local privilege escalation in NI-PAL

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

8.4CVSS0.00107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 5:26 p.m.8 views

CVE-2026-8036

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

8.4CVSS5.9AI score0.00107EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 5:26 p.m.22 views

CVE-2026-8036

NI-PAL is affected by improper input validation that may allow a local authenticated user to access arbitrary system memory, enabling privilege escalation. Affected: NI-PAL 26.3.0 and prior on Windows and Linux. Root cause: input validation weakness. Impact: local privilege escalation with potent...

8.4CVSS5.9AI score0.00107EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/02 5:22 p.m.7 views

CVE-2026-8035

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

7.1CVSS5.8AI score0.00096EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 5:22 p.m.10 views

CVE-2026-8035 NULL pointer dereference in NI-PAL

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

7.1CVSS5.8AI score0.00096EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 5:22 p.m.12 views

EUVD-2026-33991

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

7.1CVSS5.8AI score0.00096EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 5:22 p.m.35 views

CVE-2026-8035 NULL pointer dereference in NI-PAL

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

7.1CVSS0.00096EPSS
Exploits0References1
Rows per page
Query Builder