Lucene search
K

14 matches found

OSV
OSV
added 2026/06/19 7:35 p.m.4 views

GHSA-3V45-F3VH-WG7M Oj: Stack Buffer Overflow in Oj.dump via Large Indent

Summary Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fillindent in dump.h calls memsetindentstr, ' ', sizetopts-indent without validating the size. When opts-indent is set to INTMAX 2,147,483,647, the sizet cast preserves the larg...

8.7CVSS6.3AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in imagemagick

The function WritePALMImage in /coders/palm.c uses sizet type conversions in several parts of the calculation. This could lead to values that are outside the range of the representable type unsigned long, resulting in undefined behavior when a malicious input file is processed by ImageMagick...

4.3CVSS6.5AI score0.01075EPSS
Exploits0References2
CVE
CVE
added 2026/04/21 1:33 a.m.32 views

CVE-2026-40250

OpenEXR CVE-2026-40250 affects multiple release series (3.4.0–3.4.9, 3.3.0–3.3.9, 3.2.0–3.2.7) where internal_dwa_compressor.h:1040 computes chan->width * chan->bytes_per_element using int32 arithmetic without a size_t cast, enabling an integer overflow in the DWA decoder outBufferEnd point...

8.4CVSS5.8AI score0.0045EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/24 3:45 p.m.7 views

ImageMagick: Integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder

A crafted SVG file can cause a denial of service. An off-by-one boundary check instead of = that allows bypass the guard and reach an undefined sizet cast...

7.5CVSS5.4AI score0.00594EPSS
Exploits0References5Affected Software19
UbuntuCve
UbuntuCve
added 2026/02/24 12:0 a.m.5 views

CVE-2026-25989

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check instead of = that allows bypass the guard and reach an undefined sizet cast...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/16 6:30 p.m.6 views

EUVD-2025-34779

An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\textsize\textt$ an unsigned type, typically...

7.1CVSS7AI score0.00417EPSS
Exploits1References3
NVD
NVD
added 2025/10/16 4:15 p.m.4 views

CVE-2025-62495

An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\textsize\textt$ an unsigned type, typically...

8.8CVSS0.00417EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-20268

Malware in sbrugna...

4.3CVSS6.4AI score0.01147EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/09/16 11:24 p.m.1 views

SUSE CVE-2025-39793

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: cast nrpages to sizet before shifting If the allocated size exceeds UINTMAX, then it's necessary to cast the mr-nrpages value to sizet to prevent it from overflowing. In practice this isn't much of a concern as th...

7.8CVSS6.5AI score0.00141EPSS
Exploits0References3
OSV
OSV
added 2025/09/12 4:15 p.m.4 views

DEBIAN-CVE-2025-39793

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: cast nrpages to sizet before shifting If the allocated size exceeds UINTMAX, then it's necessary to cast the mr-nrpages value to sizet to prevent it from overflowing. In practice this isn't much of a concern as th...

7.8CVSS6.2AI score0.00141EPSS
Exploits0References1
CVE
CVE
added 2025/09/12 3:59 p.m.21 views

CVE-2025-39793

Summary (CVE-2025-39793): In the Linux kernel io_uring/memmap path, the vulnerability arises when allocating memory where nr_pages may overflow during a shift if the size exceeds UINT_MAX. The root cause is failure to cast mr->nr_pages to size_t before shifting, which could allow overflow and ...

7.8CVSS6.1AI score0.00141EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/12 12:0 a.m.3 views

PT-2025-37327

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the io uring/memmap component where the nr pages value is not cast to size t before shifting, potentially leading to an overflow if the allocated...

6.4AI score0.00141EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in imagemagick

A vulnerability was discovered in ImageMagick. This security flaw manifests as undefined behaviors when using double to type as sizet in svg, mvg, and other code segments reoccurring bugs of CVE-2022-32546...

5.5CVSS6.5AI score0.01018EPSS
Exploits1References3
OSV
OSV
added 2023/07/13 2:24 p.m.5 views

CLSA-2023-1689258261 Fix CVE(s): CVE-2022-32546, CVE-2023-34151

SECURITY UPDATE: undefined behaviors of casting double to sizet in svg, mvg and other coders recurring bugs of CVE-2022-32546 - debian/patches/CVE-2023-34151.patch: properly cast double to sizet - CVE-2023-34151...

7.8CVSS6.8AI score0.01339EPSS
Exploits1References1
Rows per page
Query Builder