2129 matches found
CVE-2026-14503
The CVE-2026-14503 entry concerns the pCloud WP Backup plugin for WordPress, affected up to version 2.0.3. The root cause is a Sensitive Information Exposure via the wp2pcl_ajax_process_request_inner path. An authenticated attacker with subscriber-level access or higher can trigger generation of ...
JLSEC-2026-770 OSGeo GDAL vulnerable to out-of-bounds read
A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the...
CVE-2026-58550
Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
UBUNTU-CVE-2026-56136
In NTFS-3G through 2026.2.25, an out-of-bounds read exists in ntfsirnill in libntfs-3g/index.c that allows an attacker to read possibly confidential information in an ntfs-3g process by crafting a malicious NTFS image. This read operation is triggered by creation of a file with a crafted name...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the TGA RLE encoder process. An attacker can access sensitive heap data and potentially cause limited denial of service by crafting a specially designed image file. Remediation Upgrade pillow to version 12.3.0 or...
Adobe Audition < 25.6.6 / 26.0 < 26.3 Multiple Vulnerabilities (APSB26-71) (macOS)
The version of Adobe Audition installed on the remote macOS host is prior to 25.6.6, 26.3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-71 advisory. - Audition is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution i...
DEBIAN-CVE-2026-58102
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hvexts. When building the extension hash via extensions, extensionsbylongname, extensionsbyoid, or hasextensionoid, the code passes OBJobj2txt's return value as the hash-key...
RLSA-2026:36366 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
RockyLinux 9 : gstreamer1-plugins-bad-free (RLSA-2026:36834)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:36834 advisory. gstreamer1-plugins-bad-free: GStreamer: Denial of service via AV1 tilelistobu parser byte/bit confusion CVE-2026-52718 gstreamer1-plugins-bad-free:...
EUVD-2026-42328
U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...
CVE-2026-56362 ImageMagick - Heap-buffer-overflow Read in GetPixelIndex via OpenPixelCache Metadata Desynchronization
ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulnerability in GetPixelIndex caused by OpenPixelCache updating image channel metadata before pixel cache memory allocation. Attackers can trigger memory and disk allocation failures to cause a heap-buffer-overflow read affecting a...
CVE-2026-57255 Security vulnerability in Foxit PDF Editor/Reader — OOB Read via NaN-Bypass Clamp
The application opens a PDF containing an abnormal color space whose attributes reference a valid but semantically malformed function. The function's output is not validated; when subsequently read, it produces an illegal pointer that accesses an out-of-bounds region, crashing the application...
OESA-2026-2812 httpd security update
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.CVE-2026-43951...
DEBIAN-CVE-2026-13819
Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
CVE-2026-14048
Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Low...
CVE-2026-47729
A flaw was found in Squid. Due to improper input validation, an out-of-bounds read can occur in the FTP gateway. This issue allows an authenticated and trusted client to read memory from random transactions when accessing a misbehaving FTP server using the Squid gateway feature. Mitigation When F...
CVE-2026-56788
RTKLIB 2.4.3 is affected by an out-of-bounds read in getcodepri when processing unrecognized RINEX observation codes. Crafted RINEX files with unknown observation types trigger negative indexing into the codepris table, causing reliable crashes and potential memory disclosure of adjacent global d...
CVE-2026-40210 Out-of-bounds read in SetMacAddrAction
An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...
EUVD-2026-39316
In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in sctprcvasconflookup sctprcvasconflookup in net/sctp/input.c only checks that the ASCONF chunk can hold the ADDIP header and a parameter header, then calls af-fromaddrparam, which reads the full address 1...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverexecuteresult indexed the global errorcodenames array 7 elements, indices 0–6 using an unchecked execResult-execResult value received from the server. This led to a potential out-of-bounds read...