Lucene search

20 matches found

CNNVD
added 2026/06/09 12:0 a.m. | 10 views

VMware Spring Framework Security Vulnerability

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, a US-based company. This framework helps developers build high-quality applications. Versions 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 of the VMware Spring Framework conta...

CVSS 5.9 | AI score 5.3 | EPSS 0.00313
Exploits: 0 | References: 1
Fedora
added 2026/05/27 1:27 a.m. | 10 views

[SECURITY] Fedora 43 Update: uriparser-1.0.2-1.fc43

Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license...

CVSS 5.1 | AI score 5.8 | EPSS 0.00172
Exploits: 0
NVD
added 2026/05/01 3:16 p.m. | 5 views

CVE-2026-31775

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization. The recent refactoring of xfi driver changed the assignment of atc->daios at atc_get_resources(); now it loops over all enum DAIOTYP entries while it looped formerly only a pa...

CVSS 5.5 | EPSS 0.00107
Exploits: 0 | References: 2
CNNVD
added 2026/04/29 12:0 a.m. | 8 views

VMware Spring Framework Resource Management Error Vulnerability

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware Corporation in the United States. This framework helps developers build high-quality applications. There is a resource management vulnerability in the VMware Spring Framework, which stems from a...

CVSS 5.3 | AI score 5.8 | EPSS 0.00341
Exploits: 0 | References: 1
CNNVD
added 2026/04/29 12:0 a.m. | 14 views

VMware Spring Framework Security Vulnerability

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, a US-based company. This framework helps developers build high-quality applications. There is a security vulnerability in the VMware Spring Framework, which stems from caching malicious resources duri...

CVSS 3.1 | AI score 5.8 | EPSS 0.00236
Exploits: 0 | References: 1
Cvelist
added 2026/04/03 8:10 p.m. | 18 views

CVE-2026-35562 Allocation of resources without limits in parsing components in Amazon Athena ODBC driver

Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...

CVSS 8.7 | EPSS 0.00379
Exploits: 0 | References: 6
OSV
added 2025/12/18 3:15 p.m. | 5 views

CVE-2025-64467

There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

CVSS 8.5 | AI score 6 | EPSS 0.00132
Exploits: 0 | References: 1
Cvelist
added 2025/12/18 2:53 p.m. | 15 views

CVE-2025-64469 Stack-based Buffer Overflow in LVResource::DetachResource() in NI LabVIEW

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially...

CVSS 8.5 | EPSS 0.00134
Exploits: 0 | References: 1
SUSE CVE
added 2024/08/18 2:1 a.m. | 3 views

SUSE CVE-2024-43823

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs(). If IORESOURCE_MEM is not provided in Device Tree due to any error, resource_list_first_type() will return NULL and pci_parse_request_of_pci_ranges() will...

CVSS 5.5 | AI score 6.3 | EPSS 0.00225
Exploits: 0 | References: 14
OSV
added 2024/04/22 3:56 p.m. | 26 views

GHSA-HVP5-5X4F-33FQ JADX file override vulnerability

Summary: When jadx parses a resource file, there is an escape problem with the style file, which can overwrite other files in the directory when saving the decompile result. Although I don't think this vulnerability realizes path traversal in the true sense of the word, I reported it anyway. Detai...

CVSS 3.3 | AI score 7.1
Exploits: 0 | References: 3
NVD
added 2022/12/22 10:15 p.m. | 20 views

CVE-2022-41794

A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVSS 9.8 | EPSS 0.01854
Exploits: 1 | References: 4
UbuntuCve
added 2022/12/22 10:15 p.m. | 29 views

CVE-2022-41794

A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVSS 9.8 | AI score 7.6 | EPSS 0.01854
Exploits: 1 | References: 2
CNNVD
added 2022/12/22 12:0 a.m. | 4 views

OpenImageIO Buffer Error Vulnerability

OpenImageIO is an image read and write library that also provides several tools and applications. A heap buffer overflow vulnerability exists in the PSD thumbnail resource parsing code in OpenImageIO v2.3.19.0. An attacker can exploit this vulnerability to cause arbitrary code execution via...

CVSS 9.8 | AI score 8.1 | EPSS 0.01854
Exploits: 1 | References: 9
Talos
added 2020/11/06 12:0 a.m. | 41 views

BIMx Desktop Viewer Resource Parsing Integer Overflow Vulnerability

Talos Vulnerability Report TALOS-2020-1032 BIMx Desktop Viewer Resource Parsing Integer Overflow Vulnerability November 6, 2020 CVE Number CVE-2020-6099 SUMMARY An exploitable code execution vulnerability exists in the file format parsing functionality of Graphisoft BIMx Desktop Viewer 2019.2.232...

CVSS 8.8 | AI score 8.2 | EPSS 0.01072
Exploits: 1
OSV
added 2017/09/05 6:29 p.m. | 4 views

CVE-2017-2779

An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument VI file can cause an attacker controlled looping condition resulting in an arbitrary null write. An...

CVSS 7.8 | AI score 5.9 | EPSS 0.02168
Exploits: 2 | References: 4
Talos
added 2015/12/08 12:0 a.m. | 43 views

Microsoft .NET Manifest Resource Information Disclosure Vulnerability

Talos Vulnerability Report TALOS-2015-0130 Microsoft .NET Manifest Resource Information Disclosure Vulnerability December 8, 2015 CVE Number CVE-2015-6114 Summary An exploitable information leak or denial of service vulnerability exists in the manifest resource parsing functionality of the .NET...

CVSS 4.3 | AI score 6.5 | EPSS 0.19485
Exploits: 0
securityvulns
added 2010/03/31 12:0 a.m. | 67 views

Secunia Research: Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow

Secunia Research 31/03/2010 - Sun Java JDK/JRE Soundbank Resource Parsing Buffer Overflow - Table of Contents Affected...

AI score 0.5
Exploits: 0
Tenable Nessus
added 2004/09/29 12:0 a.m. | 26 views

Debian DSA-455-1 : libxml - buffer overflows

libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a flaw in libxml, the GNOME XML library. When fetching a remote resource via FTP or HTTP, the library uses special parsing routines which can overflow a buffer if passed a very long URL. If an attacker is abl...

CVSS 7.5 | AI score 5.8 | EPSS 0.24232
Exploits: 0 | References: 2
Tenable Nessus
added 2004/08/30 12:0 a.m. | 31 views

GLSA-200403-01 : Libxml2 URI Parsing Buffer Overflow Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200403-01 Libxml2 URI Parsing Buffer Overflow Vulnerabilities Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When the libxml2 library fetches a remote resource via FTP or HTTP, libxml2 uses parsing routine...

CVSS 7.5 | AI score 6.3 | EPSS 0.24232
Exploits: 0 | References: 2
RedHat Linux
added 2004/02/26 8:38 p.m. | 35 views

Moderate: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix an overflow when parsing remote resources are now available. libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing...

CVSS 7.5 | AI score 6.4 | EPSS 0.24232
Exploits: 0 | References: 2