
20128 matches found

NVD
added 2026/05/01 3:16 p.m., 0 views

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology OCCT V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

CVSS 7.1, EPSS 0.00014
Exploits: 0, References: 1

OSV
added 2026/05/01 3:16 p.m., 2 views

DEBIAN-CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V8_0_0_rc5 exist in RWStl_Reader::ReadAscii because buffers returned by Standard_ReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

CVSS 7.1, AI score 5.8, EPSS 0.00014
Exploits: 0, References: 1

NVD
added 2026/05/01 2:16 p.m., 2 views

CVE-2026-42484

A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When data_type_enum=1,...

CVSS 9.8, EPSS 0.00108
Exploits: 1, References: 1

OSV
added 2026/05/01 2:16 p.m., 1 view

UBUNTU-CVE-2026-42483

A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects module_hash_decode in multiple Kerberos-related modules because account_info_len is...

CVSS 9.8, AI score 6.4, EPSS 0.00113
Exploits: 1, References: 3

UbuntuCve
added 2026/05/01 2:16 p.m., 2 views

CVE-2026-42483

A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects module_hash_decode in multiple Kerberos-related modules because account_info_len is...

CVSS 9.8, AI score 6.1, EPSS 0.00113
Exploits: 1, References: 2

UbuntuCve
added 2026/05/01 2:16 p.m., 2 views

CVE-2026-42484

A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When data_type_enum=1,...

CVSS 9.8, AI score 6.3, EPSS 0.00108
Exploits: 1, References: 2

OSV
added 2026/05/01 2:16 p.m., 4 views

UBUNTU-CVE-2026-42484

A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When data_type_enum=1,...

CVSS 9.8, AI score 6.4, EPSS 0.00108
Exploits: 1, References: 3

IBM Security Bulletins
added 2026/05/01 12:6 p.m., 5 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses socket.io-parser-4.2.4 in inspections app which is vulnerable to CVE-2026-33151

Summary IBM Maximo Application Suite - Manage Component uses socket.io-parser-4.2.4 in inspections app which is vulnerable to CVE-2026-33151 Vulnerability Details CVEID:CVE-2026-33151 DESCRIPTION: Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. Prior t...

CVSS 8.7, AI score 5.8, EPSS 0.00051
Exploits: 0, Affected Software: 1

OSV
added 2026/05/01 8:1 a.m., 3 views

CLSA-2026-1776179858 Fix of 5 CVEs

SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25988.patch: fix vulnerability in MSL coder - CVE-2026-25988 SECURITY UPDATE: fix path traversal via policy bypass - debian/patches/CVE-2026-25965.patch: fix path traversal via policy bypass - CVE-2026-25965 SECURITY UPDATE...

CVSS 8.6, AI score 5.8, EPSS 0.00059
Exploits: 1, References: 1

NVD
added 2026/05/01 12:16 a.m., 3 views

CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVSS 5.5, EPSS 0.00011
Exploits: 1, References: 2

OSV
added 2026/05/01 12:16 a.m., 0 views

DEBIAN-CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVSS 5.5, AI score 5.8, EPSS 0.00011
Exploits: 1, References: 1

OSV
added 2026/05/01 12:16 a.m., 2 views

UBUNTU-CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVSS 5.5, AI score 5.8, EPSS 0.00011
Exploits: 1, References: 4

UbuntuCve
added 2026/05/01 12:16 a.m., 0 views

CVE-2026-5404

K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVSS 5.5, AI score 5.8, EPSS 0.00011
Exploits: 1, References: 3

CNNVD
added 2026/05/01 12:0 a.m., 5 views

Wireshark security vulnerability

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

CVSS 5.5, AI score 5.8, EPSS 0.00011
Exploits: 1, References: 1

Cvelist
added 2026/05/01 12:0 a.m., 28 views

CVE-2026-42481

Open CASCADE Technology OCCT V8_0_0_rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

EPSS 0.00017
Exploits: 0, References: 1

CVE
added 2026/05/01 12:0 a.m., 4 views

CVE-2026-42480

CVE-2026-42480 is a stack-based out-of-bounds read in Open CASCADE Technology (OCCT) VRML parser: VrmlData_Scene::ReadLine. The quoted-string escape handler uses ptr[++anOffset] without proper bounds checking, enabling denial-of-service via a crafted VRML file. Affected component is OCCT v8_0_0_r...

CVSS 5.5, AI score 5.9, EPSS 0.00017
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2026/05/01 12:0 a.m., 1 view

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObj_Reader::read in the OBJ file parser in Open CASCADE Technology OCCT V8_0_0_rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

AI score 5.9, EPSS 0.00014
Exploits: 0, References: 1

Positive Technologies
added 2026/05/01 12:0 a.m., 2 views

PT-2026-36353

Name of the Vulnerable Software and Affected Versions hashcat version 7.1.2 Description A heap-based buffer overflow exists in the hex to binary function within the PKZIP hash parser. This occurs when data type enum is less than or equal to 1, allowing attacker-controlled hex data from a...

CVSS 9.8, AI score 6.5, EPSS 0.00108
Exploits: 1, References: 6

CVE
added 2026/05/01 12:0 a.m., 4 views

CVE-2026-42481

The CVE-2026-42481 entry concerns Open CASCADE Technology (OCCT) in the V8_0_0_rc5 release. The affected components are the IGES and STEP file parsers. Documented issues include an out-of-bounds read in Geom2d_BSplineCurve::EvalD0 during IGES B-spline curve evaluation, another out-of-bounds read ...

CVSS 5.5, AI score 5.8, EPSS 0.00017
Exploits: 0, References: 1, Affected Software: 1

EUVD
added 2026/05/01 12:0 a.m., 4 views

EUVD-2026-26599

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V8_0_0_rc5 exist in RWStl_Reader::ReadAscii because buffers returned by Standard_ReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

CVSS 7.1, AI score 5.8, EPSS 0.00014
Exploits: 0, References: 1