Lucene search
K

410 matches found

Rockylinux
Rockylinux
added 4 days ago6 views

gstreamer1-plugins-bad-free security update

An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs ...

8.8CVSS6.2AI score0.0053EPSS
Exploits0
RedHat Linux
RedHat Linux
added 6 days ago6 views

gstreamer1-plugins-bad-free: GStreamer: Signed integer overflow in VMnc decoder cursor payload handling

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS6AI score0.0031EPSS
Exploits0References5
OSV
OSV
added last week4 views

DEBIAN-CVE-2026-58472

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the htmlquotestring function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity...

7.1CVSS6.3AI score0.00221EPSS
Exploits0References1
NVD
NVD
added last week9 views

CVE-2026-58470

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parsecontentrange function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigg...

6.9CVSS0.00247EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 5:14 p.m.3 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 12:0 a.m.5 views

ALSA-2026:33449 Important: php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: php-soap: php-src: PHP SOAP extension: Remote Code Execution via use-after-free vulnerability CVE-2026-6722 PHP: PHP: Denial of Service via improper handling of signed characters in ctype...

9.8CVSS7.1AI score0.0078EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : libtiff (EulerOS-SA-2026-2450)

According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile...

7.8CVSS7.1AI score0.00553EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53036

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix off-by-one in checkimm signed range check checkimmbits, imm is used in the arm64 BPF JIT to verify that a branch displacement in arm64 instruction units fits into the signed N-bit immediate field of a B, B.cond or...

7.8CVSS0.00138EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/19 8:12 p.m.24 views

CVE-2026-49346 libde265 has a heap buffer overflow in de265_image_get_buffer via SPS dimension integer overflow

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...

7.1CVSS0.00227EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/15 7:15 p.m.37 views

CVE-2026-52722 Gstreamer1-plugins-bad-free: gstreamer: signed integer overflow in vmnc decoder cursor payload handling

A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...

7.1CVSS0.0031EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/15 2:5 a.m.12 views

Important: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.8CVSS6.1AI score0.00553EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.8 views

RHEL 7 : libtiff (RHSA-2026:25910)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25910 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...

7.8CVSS6AI score0.00553EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.13 views

EulerOS Virtualization 2.13.0 : libtiff (EulerOS-SA-2026-2406)

According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...

7.8CVSS5.7AI score0.00553EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.24 views

CVE-2026-7383

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

8.1CVSS0.00358EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/09 4:3 p.m.48 views

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

0.00358EPSS
Exploits0References6
CVE
CVE
added 2026/06/09 4:3 p.m.78 views

CVE-2026-7383

The CVE concerns OpenSSL’s ASN1 mbstring handling (functions ASN1_mbstring_copy() and ASN1_mbstring_ncopy()). A signed integer overflow in sizing the destination buffer for Unicode output can cause a heap buffer overflow, potentially crashing a process or enabling attacker-controlled code executi...

8.1CVSS6.3AI score0.00358EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 4:3 p.m.13 views

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

6.3AI score0.00358EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.17 views

RHEL 9 : php:8.2 (RHSA-2026:22143)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22143 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via...

8.8CVSS5.6AI score0.0078EPSS
Exploits1References10
Rockylinux
Rockylinux
added 2026/06/05 12:4 p.m.14 views

php8.4 security update

An update is available for php8.4. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language. PHP attempts to make it easy for...

9.1CVSS5.7AI score0.0078EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

RockyLinux 10 : libtiff (RLSA-2026:19150)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19150 advisory. libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775 Tenable has extracted the...

7.8CVSS6.1AI score0.00553EPSS
Exploits0References3
Rows per page
Query Builder