Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-14626

Malware in sbrugna...

9.8CVSS8.8AI score0.02301EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-26790

Malicious code in bioql PyPI...

6.3AI score0.00149EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/04 3:32 p.m.10 views

CVE-2025-38679 media: venus: Fix OOB read due to missing payload bound check

In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The eventseqchanged handler processes a variable number of properties sent by the firmware. The number of properties is indicated by the firmware and used t...

0.00149EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:27 a.m.5 views

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

...

9.8CVSS7AI score
Exploits0
NVD
NVD
added 2025/04/08 7:15 p.m.9 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS0.00452EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/08 6:24 p.m.8 views

CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS3.8AI score0.00452EPSS
Exploits0References6
OSV
OSV
added 2025/04/08 6:24 p.m.29 views

CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS5.8AI score0.00452EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/04/08 6:24 p.m.14 views

CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS0.00452EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/04/08 6:24 p.m.8 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS4.8AI score0.00452EPSS
Exploits0
CNNVD
CNNVD
added 2021/05/28 12:0 a.m.4 views

css-what 安全漏洞

css-what is a CSS selector parser. A security vulnerability exists in css-what versions prior to 5.0.1, which stems from the fact that the css-what package does not ensure that property parsing has linear time complexity with respect to input size. No details of the vulnerability are available at...

7.5CVSS7.2AI score0.02267EPSS
Exploits0References8
OSV
OSV
added 2017/03/15 2:59 p.m.7 views

UBUNTU-CVE-2017-6209

Stack-based buffer overflow in the parseidentifier function in tgsitext.c in the TGSI auxiliary module in the Gallium driver in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service out-of-bounds array access and QEMU process crash via vectors related to parsing...

6.5CVSS7AI score0.00388EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/10/30 7:45 p.m.7 views

file: incomplete fix for CVE-2012-1571 in cdf_read_property_info

It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

6.5CVSS7.2AI score0.20237EPSS
Exploits2References4
Rows per page
Query Builder