Lucene search
K

1463 matches found

CVE
CVE
added yesterday24 views

CVE-2026-44761

SAP Commerce Cloud is affected by CVE-2026-44761, where a sample OAuth2 client may retain publicly documented sample credentials from SAP Help Portal configuration. If left unchanged, an unauthenticated attacker could obtain a valid access token and invoke certain APIs to read and modify data, re...

9.1CVSS6.1AI score0.00352EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday14 views

CVE-2026-44761 Insecure Sample Credentials in SAP Commerce Cloud

SAP Commerce Cloud could retain a sample OAuth2 client with publicly documented sample credentials originating from sample configuration provided in SAP Help Portal documentation. If left unchanged, an unauthenticated attacker could use these well-known credentials to obtain a valid access token...

9.1CVSS0.00352EPSS
Exploits0References2
NVD
NVD
added 6 days ago6 views

CVE-2026-45780

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, EventSerializer could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event invitee list. This...

5.3CVSS0.00399EPSS
Exploits0References9
CVE
CVE
added 6 days ago13 views

CVE-2026-45780

CVE-2026-45780 affects Discourse prior to versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5. The issue arises in EventSerializer, which could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event ...

5.3CVSS5.9AI score0.00399EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/07/07 2:34 p.m.5 views

PYSEC-2026-1306 Reverb use after free vulnerability

There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...

6.1CVSS6.1AI score0.00123EPSS
Exploits0References6
OSV
OSV
added 2026/07/07 10:17 a.m.2 views

PYSEC-2026-998 TensorFlow vulnerable to `CHECK` fail in `AudioSummaryV2`

Impact When AudioSummaryV2 receives an input samplerate with more than one element, it gives a CHECK fails that can be used to trigger a denial of service attack. python import tensorflow as tf arg0='' arg1=tf.random.uniformshape=1,1, dtype=tf.float32, maxval=None arg2=tf.random.uniformshape=2,1,...

5.9CVSS7AI score0.00396EPSS
Exploits0References7
NVD
NVD
added 2026/07/06 12:16 p.m.9 views

CVE-2025-15667

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/06 11:15 a.m.38 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 11:15 a.m.5 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/07/06 11:15 a.m.6 views

CVE-2025-15667

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/06 11:15 a.m.6 views

EUVD-2025-210429

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/02 12:31 a.m.8 views

EUVD-2026-41219

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 10:16 p.m.4 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS0.00343EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.38 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.11 views

PT-2026-54757

Name of the Vulnerable Software and Affected Versions Aleksoid1978 MPC-BE versions prior to commit 4341cb3 Description A NULL pointer dereference occurs in the AP4 AtomSampleTable::GetSample function. This issue allows an attacker to trigger a Denial of Service DoS by providing a specially crafte...

7.5CVSS5.9AI score0.00343EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.7 views

SUSE SLED15: gdk-pixbuf-loader-libheif / libheif-aom / libheif-dav1d / etc (SUSE-SU-2026:2622-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2622-1 advisory. This update for libheif fixes the following issues Update to 1.23.0: - CVE-2025-68431: heap buffer over-read i...

8.8CVSS6.4AI score0.00514EPSS
Exploits6References65
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in libheif

libheif is a decoder and encoder for HEIF and AVIF file formats. In versions 1.21.2 and earlier, a malformed HEIF sequence file could trigger an out-of-bounds read during core sequence parsing, leading to DoS Denial of Service. A malformed file may have stcoentrycount == 0 meaning no chunks are...

6.5CVSS6AI score0.00253EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: wavefront: Fixed integer overflow in sample size validation The wavefrontsendsample function has a problem with integer overflow when validating the sample size. The header-size field is of type u32, but it is cast to int f...

6.6AI score0.00177EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.11 views

EUVD-2025-210145

A heap buffer overflow in the gfcencsetpssh function isomedia/drmsample.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.5AI score0.00235EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49272

A heap buffer overflow in the gf cenc set pssh function isomedia/drm sample.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.6AI score0.00235EPSS
Exploits1References2
Rows per page
Query Builder