Lucene search
K

74117 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/09 9:50 p.m.2 views

CVE-2026-5772

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

2.1CVSS6AI score0.00228EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/09 9:50 p.m.3 views

CVE-2026-5772

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

5.3CVSS5.4AI score0.00228EPSS
Exploits0
EUVD
EUVD
added 2026/04/09 8:23 p.m.7 views

EUVD-2026-21024

Wasmtime has host data leakage with 64-bit tables and Winch...

2.3CVSS5.9AI score0.00324EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 8:23 p.m.3 views

GHSA-M9W2-8782-2946 Wasmtime has host data leakage with 64-bit tables and Winch

Impact Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the host's stack to WebAssembly guests. The host's stack can possibly contain sensitive...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References4
NVD
NVD
added 2026/04/09 7:16 p.m.6 views

CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS0.00324EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 7:16 p.m.2 views

DEBIAN-CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS5.5AI score0.00324EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 7:16 p.m.6 views

CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References2
OSV
OSV
added 2026/04/09 7:16 p.m.3 views

UBUNTU-CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 6:40 p.m.6 views

CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

2.3CVSS5.9AI score0.00324EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/09 6:40 p.m.18 views

CVE-2026-34945 Wasmtime leaks host data with 64-bit tables and Winch

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

2.3CVSS0.00324EPSS
Exploits0References1
OSV
OSV
added 2026/04/09 4:16 p.m.0 views

DEBIAN-CVE-2026-39853

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS5.9AI score0.00163EPSS
Exploits0References1
NVD
NVD
added 2026/04/09 4:16 p.m.3 views

CVE-2026-39853

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS0.00163EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/09 4:16 p.m.3 views

CVE-2026-39853

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS6.1AI score0.00163EPSS
Exploits0References4
OSV
OSV
added 2026/04/09 4:16 p.m.6 views

UBUNTU-CVE-2026-39853

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS6.1AI score0.00163EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/09 3:50 p.m.3 views

CVE-2026-39853 osslsigncode has a Stack Buffer Overflow via Unbounded Digest Copy During Signature Verification

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS6.2AI score0.00163EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 3:50 p.m.3 views

CVE-2026-39853

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS6.2AI score0.00163EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/09 3:50 p.m.18 views

CVE-2026-39853 osslsigncode has a Stack Buffer Overflow via Unbounded Digest Copy During Signature Verification

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS0.00163EPSS
Exploits0References3
CVE
CVE
added 2026/04/09 3:50 p.m.13 views

CVE-2026-39853

osslsigncode contains a stack buffer overflow in its signature verification paths (PE, MSI, CAB, script) when verifying PKCS#7 signatures. During digest copy from SpcIndirectDataContent into a fixed-size stack buffer (mdbuf[EVP_MAX_MD_SIZE], 64 bytes), the code does not validate the source length...

7.8CVSS6.2AI score0.00163EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/09 3:50 p.m.2 views

EUVD-2026-20942

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS6.2AI score0.00163EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 3:46 p.m.11 views

CLSA-2026-1775749572 ImageMagick: Fix of 4 CVEs

CVE-2026-25968: stack buffer overflow in MSL image-processing language via WriteMSLImage recursion - CVE-2026-25897: out-of-bounds heap write in SUN decoder on 32-bit systems via integer overflow in pixel buffer allocation - CVE-2025-53014: out-of-bounds read in InterpretImageFilename when...

9.8CVSS6.9AI score0.00792EPSS
Exploits2References1
Rows per page
Query Builder