Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/30 4:20 p.m.5 views

CVE-2026-10653

The Zephyr netbuf library lib/netbuf/buf.c manipulated both of its reference counts -- the per-header buf-ref and the per-data-block refcount at the start of each variable/heap data allocation -- with plain non-atomic C operators buf-ref++, if --buf-ref 0, if --refcount. The API is documented as...

8.1CVSS6AI score0.00237EPSS
Exploits1References3Affected Software1
ossfuzz
ossfuzz
added 2018/09/25 12:24 p.m.23 views

strongswan/fuzz_certs: Heap-buffer-overflow in gmp_emsa_pkcs1_signature_data

Detailed report: https://oss-fuzz.com/testcase?key=5761587219005440 Project: strongswan Fuzzer: aflstrongswanfuzzcerts Fuzz target binary: fuzzcerts Job Type: aflasanstrongswan Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1 Crash Address: 0x6030000019a1 Crash State:...

6.4AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2018/01/25 10:50 a.m.15 views

imagemagick/encoder_miff_fuzzer: Use-of-uninitialized-value in PerceptibleReciprocal

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5646359521656832 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

6.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/09/05 3:18 p.m.21 views

Inline attachment downloads vulnerable to XSS by setting tweaked HTML content type

Please see CONFDEV-9069 https://jira.atlassian.com/browse/CONFDEV-9069 for the current issue addressed at fixing attachment XSS vulnerabilities. --- TLDR: white-list mime-types which can be served "inline" and don't let the user set arbitrary mime-types. I have been having a good laugh sorry...

6.5AI score
Exploits0Affected Software1
Rows per page
Query Builder