Lucene search
K

83 matches found

Cvelist
Cvelist
added 2026/03/20 3:54 a.m.21 views

CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS0.00308EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/20 3:54 a.m.4 views

EUVD-2026-13519

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

8.4CVSS5.8AI score0.00308EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/03/20 3:54 a.m.5 views

CVE-2026-32945

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...

9.8CVSS5.4AI score0.00308EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/19 11:3 a.m.3 views

CVE-2006-10002

XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in Expat.xs could overflow the XML input buffer because Perl's read returns decoded characters while SvPV gives...

9.8CVSS6AI score0.00604EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/03/19 11:3 a.m.4 views

CVE-2006-10002

XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in Expat.xs could overflow the XML input buffer because Perl's read returns decoded characters while SvPV gives...

9.8CVSS5.7AI score0.00604EPSS
Exploits0
NVD
NVD
added 2026/03/16 2:19 p.m.4 views

CVE-2026-3081

GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

7.8CVSS0.00425EPSS
Exploits0References5
OSV
OSV
added 2026/03/13 8:7 p.m.5 views

GHSA-F269-VFMQ-VJVJ Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client

Impact A server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. Patches Patched in the undici version v7.24.0 and v6.24....

7.5CVSS5.8AI score0.00488EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.9 views

Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-011 (ALASGIMP-2026-011)

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-011 advisory. GIMP: PSD loader: heap-buffer-overflow in freadpascalstring no null terminator CVE-2026-2239 An integer overflow...

6.5CVSS7.2AI score0.00838EPSS
Exploits3References8
OSV
OSV
added 2026/02/24 11:16 a.m.6 views

SUSE-SU-2026:0604-1 Security update for gimp

This update for gimp fixes the following issues: - CVE-2026-2272: integer overflow in ICO file handling can lead to a heap buffer overflow bsc1258000. - CVE-2026-2271: integer overflow in the PSP file parser can lead to a heap buffer overflow bsc1257999. - CVE-2026-2239: missing null terminator...

6.5CVSS6AI score0.00838EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : dotnet3.1-3.1.417-1.el8.ML.1 (AXSA:2022-3098:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3098:04 advisory. dotnet: ASP.NET Denial of Service via FormPipeReader CVE-2022-24464 dotnet: double parser stack buffer overrun CVE-2022-24512 brotli: buffer overflo...

7.5CVSS7.9AI score0.03228EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : dotnet5.0-5.0.212-1.el8.ML.1 (AXSA:2022-3097:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3097:08 advisory. dotnet: ASP.NET Denial of Service via FormPipeReader CVE-2022-24464 dotnet: double parser stack buffer overrun CVE-2022-24512 brotli: buffer overflo...

7.5CVSS8.2AI score0.03228EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.8 views

MiracleLinux 8 : grub2-2.02-90.1.0.1.el8 (AXSA:2021-1565:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1565:02 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod...

8.2CVSS6.1AI score0.01738EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.7 views

Elastic Beats filebeat 7.0.x < 8.19.9 / 9.0.x < 9.1.9 / 9.2.x 9.2.3 Multiple Vulnerabilities

The version of Elastic Beats filebeat installed on the remote host is 7.0.x prior to 8.19.9, 9.0.x prior to 9.1.9, 9.2.x prior to 9.2.3. It is, therefore, affected by multiple vulnerabilities. - Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a...

6.5CVSS6AI score0.00387EPSS
Exploits0References8
OSV
OSV
added 2026/01/05 10:36 a.m.2 views

SUSE-SU-2026:0013-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-65955: possible use-after-free/double-free in Options::fontFamily when clearing a family can lead to crashes or memory corruption bsc1254435. - CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage...

7.5CVSS6AI score0.00439EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.1 views

SUSE SLES15 / openSUSE 15 Security Update : mozjs52 (SUSE-SU-2025:4512-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4512-1 advisory. - CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 - CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 -...

9.8CVSS7.4AI score0.01686EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.5 views

ImageMagick < 7.1.2-10 Integer Overflow (GHSA-6hjr-v6g4-3fm8)

The remote Windows host has a version of ImageMagick installed that is prior to 7.1.2-10. It is, therefore, affected by an integer overflow vulnerability. ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parse...

7.5CVSS5.7AI score0.00439EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.27 views

CVE-2025-65803

An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service DoS via supplying a crafted PSD file...

0.00246EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.9 views

Debian dsa-6065 : krita - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6065 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6065-1 [email protected] https://www.debian.org/security/...

6.7CVSS6.5AI score0.0018EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-2543

Malware in sbrugna...

9.3CVSS6.4AI score0.05837EPSS
Exploits0References7
CVE
CVE
added 2025/10/01 8:7 p.m.21 views

CVE-2025-59149

Suricata (Open Information Security Foundation) 8.0.0 is affected by a vulnerability in rules that use ldap.responses.attribute_type with transforms, causing a stack buffer overflow during startup or rule reload. The issue is fixed in version 8.0.1. Workarounds include disabling rules that use ld...

6.2CVSS6.8AI score0.00189EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder