Lucene search
K

936 matches found

NVD
NVD
added 2 days ago4 views

CVE-2026-20244

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...

7.5CVSS0.00389EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-20244

A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in DMG...

7.5CVSS5.9AI score0.00389EPSS
Exploits0References2Affected Software1
OSV
OSV
added 5 days ago3 views

DEBIAN-CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

7.5CVSS6AI score0.00333EPSS
Exploits0References1
NVD
NVD
added 5 days ago12 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS0.00333EPSS
Exploits0References3
Debian CVE
Debian CVE
added 5 days ago5 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS0.00333EPSS
Exploits0References3
CVE
CVE
added 5 days ago44 views

CVE-2026-58050

CVE-2026-58050 affects libssh2 up to 1.11.1. The publickey subsystem reads an attacker-controlled 32-bit attribute count and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bounds checking. On 32-bit platforms, this multiplication can overflow, producing an under...

8.3CVSS6AI score0.00333EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago11 views

PT-2026-53082

Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.2 Description An integer overflow occurs when the software reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response. This value is used in the allocation num attrs sizeoflibssh2...

8.3CVSS6AI score0.00333EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/06/26 1:31 a.m.11 views

CVE-2026-53199

A flaw was found in the Linux kernel's Hyper-V network virtual service client hvnetvsc component. This vulnerability occurs in the netvsccopytosendbuf function, where incorrect memory mapping of page buffer entries can lead to a system fault. Specifically, on 32-bit x86 systems with high memory...

7.5CVSS6AI score0.0053EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.7 views

CVE-2026-53015

A flaw was found in the Linux kernel's erofs filesystem. On 32-bit platforms, the lcn variable, used for logical cluster numbers, was defined as a 32-bit integer. This could lead to truncation when calculating offsets larger than 4 Gigabytes GiB, potentially causing incorrect data handling within...

5.5CVSS5.8AI score0.00168EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.5 views

CVE-2026-53047

A flaw was found in the Linux kernel's EFI Extensible Firmware Interface capsule loader. An incorrect size calculation during memory reallocation for physical addresses can lead to an undersized buffer. This issue, specifically on 32-bit systems with Physical Address Extension PAE, may result in ...

5.5CVSS6.3AI score0.00195EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 6:16 p.m.9 views

CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS0.00103EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/25 5:16 p.m.5 views

CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS6AI score0.00103EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52519

Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description On 32-bit systems, the jvp string append function is susceptible to integer or multiplication overflow, which can lead to a significant buffer overrun. A buffer overrun occurs when a program writes more...

6.9CVSS5.9AI score0.00103EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-52967

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix possible infinite loop and oob read in symlinkdata On 32-bit architectures, the infinite loop is as follows: len = p-ErrorDataLength == 0xfffffff8 u8 next = p-ErrorContextData + len next == p On 32-bit...

8.1CVSS0.00398EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-53015

In the Linux kernel’s EROFS code, the lcn field was typed as unsigned long (or unsigned int), which is 32-bit on 32-bit platforms, causing (lcn <

5.7AI score0.00168EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 7:14 a.m.10 views

EUVD-2026-38730

In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix OOB read in compatmtwfromuser Luxiao Xu says: The function compatmtwfromuser converts ebtables extensions from 32-bit user structures to kernel native structures. However, it lacks proper validation of th...

5.8AI score0.0012EPSS
Exploits0References8
CVE
CVE
added 2026/06/21 1:26 p.m.67 views

CVE-2026-56367

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contain an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash. Affecte...

9.1CVSS5.9AI score0.00236EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/21 1:26 p.m.7 views

CVE-2026-56367 ImageMagick - Heap Out-of-Bounds Read in PSB RLE Decoding

ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB PSD v2 RLE decoding path ReadPSDChannelRLE in coders/psd.c that causes a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file can lead to information disclosure or a crash...

6.3CVSS5.9AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in gdk-pixbuf

GNOME GdkPixbuf also known as GDK-PixBuf prior to version 2.42.8 allowed a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated in the io-gif-animation.c file’s compositeframe function. This overflow was controllable and could be exploited for code executio...

7.8CVSS7.7AI score0.00748EPSS
Exploits1References2
Rows per page
Query Builder