Lucene search
K

22 matches found

Cvelist
Cvelist
added 2026/07/06 11:15 a.m.38 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
OSV
OSV
added 2026/05/26 6:30 p.m.2 views

CVE-2026-9572 GPAC MP4Box media.c Media_GetSample memory leak

A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of the argument cat leads to memory leak. The attack can only be performed from a local environment. Th...

4.8CVSS5.2AI score0.00161EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2026/05/11 12:30 a.m.7 views

CVE-2026-8257

A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in reachable assertion. The attack needs to be approached locally. The explo...

4.8CVSS5.3AI score0.00159EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/05/11 12:30 a.m.3 views

CVE-2026-8257 WebAssembly Binaryen BrOn wasm-ir-builder.cpp makeBrOn assertion

A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of the component BrOn Parser. Performing a manipulation results in reachable assertion. The attack needs to be approached locally. The explo...

4.8CVSS5.2AI score0.00159EPSS
Exploits1References10
OSV
OSV
added 2026/05/01 9:15 p.m.4 views

CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

5.3CVSS6AI score0.00315EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.10 views

PT-2026-35227

A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...

6.5CVSS5.1AI score0.00237EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/04/07 11:29 p.m.8 views

SUSE CVE-2026-5663

A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...

9.8CVSS5.5AI score0.01721EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2026/04/06 12:0 a.m.9 views

VulnCheck KEV: CVE-2026-3965

A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...

6.5CVSS5.3AI score0.00441EPSS
In wildExploits0References12
NVD
NVD
added 2026/03/30 4:16 p.m.6 views

CVE-2026-5123

A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...

6.3CVSS0.00409EPSS
Exploits0References6
OSV
OSV
added 2026/03/18 8:5 p.m.4 views

GHSA-7C47-XR7Q-P6HG free5GC NRF Discovery EncodeGroupId Function Panics on Malformed group-id-list Parameter

Impact This is an Improper Input Validation vulnerability leading to Denial of Service. - Security Impact: A remote attacker can cause the NRF service to panic and crash by sending a crafted HTTP GET request with a malformed group-id-list parameter. This results in complete denial of service for...

8.7CVSS5.9AI score0.00674EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/02/16 2:32 a.m.36 views

CVE-2026-2531 MindsDB File Upload security.py clear_filename server-side request forgery

A security vulnerability has been detected in MindsDB up to 25.14.1. This vulnerability affects the function clearfilename of the file mindsdb/utilities/security.py of the component File Upload. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The...

6.5CVSS0.00226EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/02/09 3:32 p.m.31 views

CVE-2026-2240 janet-lang janet compile.c janetc_pop_funcdef out-of-bounds

A vulnerability has been found in janet-lang janet up to 1.40.1. The impacted element is the function janetcpopfuncdef of the file src/core/compile.c. Such manipulation leads to out-of-bounds read. The attack must be carried out locally. The exploit has been disclosed to the public and may be use...

4.8CVSS0.00157EPSS
Exploits1References8
CVE
CVE
added 2025/11/13 3:32 p.m.146 views

CVE-2025-13120

Summary : CVE-2025-13120 affects mruby up to 3.4.0, specifically the sort_cmp function in src/array.c, causing a use-after-free condition. Exploitation requires local access. A public patch is available (commit eb398971bfb43c38db3e04528b68ac9a7ce509bc). If CVE is relevant to you, apply the offici...

5.5CVSS5.2AI score0.00142EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2025/10/22 1:23 p.m.10 views

CVE-2023-53699 riscv: move memblock_allow_resize() after linear mapping is ready

In the Linux kernel, the following vulnerability has been resolved: riscv: move memblockallowresize after linear mapping is ready The initial memblock metadata is accessed from kernel image mapping. The regions arrays need to "reallocated" from memblock and accessed through linear mapping to cove...

0.00195EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/07/27 5:32 a.m.8 views

CVE-2025-8224

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfdelfgetstrsection of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

5.5CVSS4.4AI score0.00225EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2025/07/13 10:15 p.m.2 views

DEBIAN-CVE-2025-7545

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysection of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the publ...

7.8CVSS5.2AI score0.00254EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/05/16 2:13 p.m.19 views

Vyper's `slice()` may elide side-effects when output length is 0

Impact the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is skipped:...

6.3CVSS6.7AI score0.00384EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/11/17 11:6 a.m.4 views

OESA-2023-1838 shim security update

Initial UEFI bootloader that handles chaining to a trusted full \ bootloader under secure boot environments. Security Fixes: A vulnerability classified as critical has been found in rhboot shim up to 15.7 on ARM. This affects the function mirroroneesl of the file mok.c of the component mok...

6.2CVSS6.9AI score0.00434EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.6 views

PT-2023-12409 · Unknown · Woorank Robots-Txt-Guard

Name of the Vulnerable Software and Affected Versions: Woorank robots-txt-guard affected versions not specified Description: A vulnerability was found in the function makePathPattern of the file lib/patterns.js. The manipulation of the argument pattern leads to inefficient regular expression...

7.5CVSS4.6AI score0.00938EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2022/02/09 11:15 p.m.9 views

CVE-2022-20042

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
Rows per page
Query Builder