Lucene search
+L

13 matches found

euvd
euvd
added 6 days ago7 views

EUVD-2026-42939

ESF-IDF is the Espressif Internet of Things IOT Development Framework. Versions 6.0.1, 5.5.4, 5.4.4, 5.3.5, and possibly prior contain an out-of-bounds write in jpegparsedqtmarker in components/espdriverjpeg/jpegparsemarker.c because the attacker-controlled DQT marker Tq nibble is used as an inde...

7.5CVSS6.1AI score0.00385EPSS
Exploits0References7
nvd
nvd
added 2026/07/02 4:17 a.m.10 views

CVE-2026-57269

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS0.0024EPSS
Exploits0References2
nvd
nvd
added 2026/04/10 4:17 a.m.9 views

CVE-2026-5466

wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

8.1CVSS0.00147EPSS
Exploits0References1
osv
osv
added 2026/04/10 4:17 a.m.8 views

UBUNTU-CVE-2026-5466

wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

8.1CVSS5.8AI score0.00147EPSS
Exploits0References4
cvelist
cvelist
added 2026/04/10 3:0 a.m.34 views

CVE-2026-5466 wc_VerifyEccsiHash missing sanity check

wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

7.6CVSS0.00147EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/04/10 12:0 a.m.8 views

PT-2026-31862

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description The ECCSI signature verifier wc VerifyEccsiHash in wolfSSL decodes the r and s scalars from the signature blob using mp read unsigned bin without verifying that these values fall within the...

7.6CVSS5.8AI score0.00147EPSS
Exploits0References5
osv
osv
added 2025/10/30 3:2 p.m.5 views

GO-2025-4027 Gnark-crypto doesn't range check input values during ECDSA and EdDSA deserialization in github.com/consensys/gnark-crypto

Gnark-crypto doesn't range check input values during ECDSA and EdDSA deserialization in github.com/consensys/gnark-crypto...

9.8CVSS7.1AI score0.00844EPSS
Exploits0References5
redhat
redhat
added 2024/01/17 7:20 p.m.5 views

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

7.4CVSS7.2AI score0.00911EPSS
Exploits0References5
redhat
redhat
added 2024/01/17 4:6 p.m.6 views

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

7.4CVSS7.2AI score0.00911EPSS
Exploits0References5
redhat
redhat
added 2024/01/17 3:48 p.m.4 views

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

7.4CVSS7.2AI score0.00911EPSS
Exploits0References5
redhat
redhat
added 2024/01/17 2:0 p.m.3 views

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

7.4CVSS7.2AI score0.00911EPSS
Exploits0References5
redhat
redhat
added 2024/01/17 1:54 p.m.4 views

OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

7.4CVSS7.2AI score0.00911EPSS
Exploits0References5
osv
osv
added 2023/09/04 3:15 a.m.6 views

CVE-2023-20845

In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357...

4.2CVSS5.7AI score0.00091EPSS
Exploits0References1
Rows per page
Query Builder