Lucene search

13 matches found

ATTACKERKB
added 2026/06/22 9:4 p.m., 5 views

CVE-2026-56306

Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by submitting malformed values, zero, or duplicate headers that result in NaN or falsy values. Remote attackers can manipulate the x-limited-key-id header ...

6.4 CVSS, 5.9 AI score, 0.00251 EPSS
Exploits 0, References 3
EUVD
added 2026/03/03 12:0 a.m., 4 views

EUVD-2025-208239

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session-ncphdrbuf in pilotparsingncp causes a denial of service...

5.9 AI score, 0.00286 EPSS
Exploits 0, References 2
Cvelist
added 2026/03/03 12:0 a.m., 19 views

CVE-2025-62817

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session-ncphdrbuf in pilotparsingncp causes a denial of service...

0.00286 EPSS
Exploits 0, References 2
OSV
added 2025/10/10 7:15 a.m., 5 views

CVE-2025-21054

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...

5.5 CVSS, 5.8 AI score, 0.0011 EPSS
Exploits 0, References 1
EUVD
added 2025/10/10 6:33 a.m., 5 views

EUVD-2025-33678

Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...

4 CVSS, 6 AI score, 0.0011 EPSS
Exploits 0, References 2
Vulnrichment
added 2025/10/10 6:33 a.m., 3 views

CVE-2025-21053

Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...

4 CVSS, 6.1 AI score, 0.00116 EPSS
Exploits 0, References 1
BDU FSTEC
added 2025/04/09 12:0 a.m., 22 views

The vulnerability of the `gf_opus_parse_packet_header` function in the `media_tools/av_parsers.c` file, implemented by the MP4Box packaging tool for the GPAC multimedia platform, allows a hacker to trigger a service failure.

The vulnerability of the `gf_opus_parse_packet_header` function in the `media_tools/av_parsers.c` file, belonging to the MP4Box packaging tool of the GPAC multimedia platform, is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to cause a service...

9.4 CVSS, 5.9 AI score
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 2024/10/24 12:0 a.m., 26 views

RHEL 9 : python3.12 (RHSA-2024:8447)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8447 advisory. Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It...

7.5 CVSS, 7.1 AI score, 0.02203 EPSS
Exploits 2, References 5
Cvelist
added 2024/05/28 2:2 p.m., 25 views

CVE-2023-35950

Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities. This vulnerability exists within the code responsibl...

7.8 CVSS, 8.3 AI score, 0.00495 EPSS
Exploits 1, References 2
OSV
added 2021/06/18 6:31 p.m., 13 views

GHSA-WM2M-XRRP-J74C HTTP Request Smuggling in netius

netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks...

6.1 CVSS, 6.2 AI score, 0.00811 EPSS
Exploits 0, References 6
Mageia
added 2021/03/12 1:25 a.m., 86 views

Updated python-httplib2 packages fix a security vulnerability

A malicious server which responds with long series of \xa0 characters in the www-authenticate header may cause Denial of Service (CPU burn while parsing header) of the httplib2 client accessing said server (CVE-2021-21240)...

7.5 CVSS, 3.3 AI score, 0.03876 EPSS
Exploits 1, References 2
OSV
added 2021/01/26 6:16 p.m., 2 views

UBUNTU-CVE-2021-3185

A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution...

9.8 CVSS, 7.2 AI score, 0.02377 EPSS
Exploits 0, References 3
OSV
added 2021/01/02 6:15 a.m., 2 views

DEBIAN-CVE-2020-28851

In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. x/text/language is supposed to be able to parse an HTTP Accept-Language header...

7.5 CVSS, 7.5 AI score, 0.02297 EPSS
Exploits 1, References 1