Lucene search
K

2114 matches found

EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42328

U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...

6.9CVSS6AI score0.00467EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-56362 ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization

ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting a...

3.3CVSS0.00188EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-57255 Security vulnerability in Foxit PDF Editor/Reader — OOB Read via NaN-Bypass Clamp

The application opens a PDF containing an abnormal color space whose attributes reference a valid but semantically malformed function. The function's output is not validated; when subsequently read, it produces an illegal pointer that accesses an out-of-bounds region, crashing the application...

6.1CVSS0.00107EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 6:26 a.m.3 views

OESA-2026-2812 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.CVE-2026-43951...

6.5CVSS5.9AI score0.00525EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 p.m.4 views

DEBIAN-CVE-2026-13819

Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.8AI score0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.26 views

CVE-2026-14048

Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Low...

0.00116EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 10:39 p.m.5 views

CVE-2026-47729

A flaw was found in Squid. Due to improper input validation, an out-of-bounds read can occur in the FTP gateway. This issue allows an authenticated and trusted client to read memory from random transactions when accessing a misbehaving FTP server using the Squid gateway feature. Mitigation When F...

6.5CVSS5.8AI score
Exploits1References4
CVE
CVE
added 2026/06/25 6:13 p.m.18 views

CVE-2026-56788

RTKLIB 2.4.3 is affected by an out-of-bounds read in getcodepri when processing unrecognized RINEX observation codes. Crafted RINEX files with unknown observation types trigger negative indexing into the codepris table, causing reliable crashes and potential memory disclosure of adjacent global d...

7.1CVSS5.9AI score0.00119EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 12:23 p.m.31 views

CVE-2026-40210 Out-of-bounds read in SetMacAddrAction

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS0.00336EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39316

In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...

5.7AI score0.00544EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexed the global errorcodenames array 7 elements, indices 0–6 using an unchecked execResult-execResult value received from the server. This led to a potential out-of-bounds read...

7.5CVSS5.8AI score0.00454EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the ecamencodercompressh264 function relied on server-controlled dimensions and did not validate the source buffer size, resulting in a out-of-bounds read in swsscale. This vulnerability has been fixed in...

9.1CVSS5.5AI score0.00489EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 8:9 p.m.28 views

CVE-2026-47388 NocoDB: Missing Ownership Check in MCP Attachment Read

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with knowledge of an attachment path could read any file in shared storage, including attachments belonging to other bases and workspaces, because the MCP readAttachment tool did not...

2.3CVSS0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 5:47 p.m.36 views

CVE-2020-9713 Acrobat Reader | Out-of-bounds Read (CWE-125)

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose...

5.5CVSS0.00185EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/19 4:28 p.m.7 views

CVE-2026-56210

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...

7.1CVSS5.8AI score0.00245EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/19 1:16 p.m.34 views

CVE-2026-48138 Out-of-bounds read vulnerability in the NI grpc-device streaming API

There is an out-of-bounds read vulnerability in the NI grpc-device streaming API due to a missing bounds check that may result in a denial of service. Successful exploitation requires an attacker to supply a specially crafted write request. This affects NI grpc-device 2.17.0 and prior versions...

8.7CVSS0.00343EPSS
Exploits0References2
Mageia
Mageia
added 2026/06/18 9:28 p.m.14 views

Updated luajit packages fix security vulnerabilities

In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled. CVE-2019-19391 LuaJIT through 2.1.0-beta3 h...

9.8CVSS7.1AI score0.01469EPSS
Exploits4References3
NVD
NVD
added 2026/06/17 6:17 p.m.13 views

CVE-2026-30802

Out-of-bounds Read vulnerability in RTI Connext Micro Core Libraries allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0, from 2.4.5 before 2.4...

8.8CVSS0.00249EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 5:20 p.m.10 views

EUVD-2026-37755

Out-of-bounds Read vulnerability in RTI Connext Micro Core Libraries allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0...

8.8CVSS5.2AI score0.00249EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 5:20 p.m.20 views

CVE-2026-30802

CVE-2026-30802 is an out-of-bounds read vulnerability in RTI Connext Micro (Core Libraries) affecting Connext Micro versions 4.0.0 up to but not including 4.3.0. The issue is described as an overread of buffers. The provided documents do not specify the exact vulnerable component (file/module), r...

8.8CVSS5.8AI score0.00249EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder