
13 matches found

OSV
added 2026/06/19 9:17 p.m., 11 views

DEBIAN-CVE-2026-49337

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes decodercontext::readsliceNAL libde265/decctx.cc:481 to attach slice headers to a finished picture object that has no active image unit, resulting in...

CVSS 4.3, AI score 5.8, EPSS 0.00194
Exploits: 0, References: 1
NVD
added 2026/06/19 9:17 p.m., 10 views

CVE-2026-49337

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes decodercontext::readsliceNAL libde265/decctx.cc:481 to attach slice headers to a finished picture object that has no active image unit, resulting in...

CVSS 4.3, EPSS 0.00194
Exploits: 0, References: 2
ATTACKERKB
added 2026/06/19 7:53 p.m., 8 views

CVE-2026-49337

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes decodercontext::readsliceNAL libde265/decctx.cc:481 to attach slice headers to a finished picture object that has no active image unit, resulting in...

CVSS 4.3, AI score 5.8, EPSS 0.00194
Exploits: 0, References: 3, Affected Software: 1
Debian CVE
added 2026/06/19 7:53 p.m., 6 views

CVE-2026-49337

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes decodercontext::readsliceNAL libde265/decctx.cc:481 to attach slice headers to a finished picture object that has no active image unit, resulting in...

CVSS 4.3, AI score 5.8, EPSS 0.00194
Exploits: 0
Tenable Nessus
added 2026/06/18 12:00 a.m., 10 views

Libheif 1.19.x < 1.23.0 DoS (macOS)

According to its self-reported version, libheif on the remote host is affected by a denial of service vulnerability. A crafted HEIF sequence file can cause libheif to perform unbounded heap allocation due to a missing bound check in the stsz fixed-size mode of the HEIF sequence parser, leading to...

AI score 5.9, EPSS 0.00089
Exploits: 0, References: 2
RedhatCVE
added 2026/06/11 2:59 p.m., 10 views

CVE-2026-41726

A flaw was found in spring-kafka. When an application uses the DelegatingDeserializer, a malicious producer can exploit this vulnerability by sending records with unique, random spring.kafka.serialization.selector header values. This can cause the consumer's memory heap to grow without limits,...

CVSS 6.5, AI score 5.1, EPSS 0.00289
Exploits: 0, References: 4
CNNVD
added 2026/05/06 12:00 a.m., 11 views

OpenTelemetry Security Vulnerability

OpenTelemetry is an open-source, vendor-neutral observability framework developed by OpenTelemetry. Versions of OpenTelemetry 1.15.0-beta.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the AzureVmMetaDataRequestor class, which reads response bodies...

CVSS 5.9, AI score 5.8, EPSS 0.00323
Exploits: 0, References: 1
CNNVD
added 2026/05/06 12:00 a.m., 8 views

OpenTelemetry .NET Contrib Security Vulnerability

OpenTelemetry .NET Contrib is an open-source telemetry data collection and processing library developed by OpenTelemetry - CNCF. Versions of OpenTelemetry .NET Contrib prior to 1.15.0 contain security vulnerabilities. These vulnerabilities stem from the HttpJsonPostTransport class, which allows...

CVSS 5.9, AI score 5.8, EPSS 0.00338
Exploits: 0, References: 1
ATTACKERKB
added 2026/03/20 4:43 a.m., 3 views

CVE-2026-33012

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions 4.7.0 through 4.10.16 used an unbounded ConcurrentHashMap cache with no eviction policy in its DefaultHtmlErrorResponseBodyProvider. If the application throws an...

CVSS 7.5, AI score 5.8, EPSS 0.00561
Exploits: 0, References: 4, Affected Software: 1
RedhatCVE
added 2026/01/21 12:30 a.m., 13 views

CVE-2025-56353

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, a memory leak occurs due to the broker's failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscription requests with arbitrarily large or invalid filter...

CVSS 7.5, AI score 5.5, EPSS 0.00287
Exploits: 1, References: 1
Vulnrichment
added 2026/01/20 12:00 a.m., 3 views

CVE-2025-56353

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 2024-02-18, a memory leak occurs due to the broker's failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscription requests with arbitrarily large or invalid filter...

AI score 5.5, EPSS 0.00287
Exploits: 1, References: 1
GitHub Security Blog
added 2026/01/05 2:59 p.m., 11 views

MessagePack for Java Vulnerable to Remote DoS via Malicious EXT Payload Allocation

Summary. Affected Components: org.msgpack.core.MessageUnpacker.readPayload, org.msgpack.core.MessageUnpacker.unpackValue, org.msgpack.value.ExtensionValue.getData. A denial-of-service vulnerability exists in MessagePack for Java when deserializing .msgpack files containing EXT32 objects with...

CVSS 7.5, AI score 6.6, EPSS 0.0055
Exploits: 1, References: 5, Affected Software: 1
OSV
added 2024/06/13 9:27 a.m., 5 views

CLSA-2024-1718270850 Fix CVE(s): CVE-2023-4016

SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016-2.patch: ps: extended fix of the CVE-2023-4016 - fix possible buffer overflow in -C option. - CVE-2023-4016...

CVSS 3.3, AI score 6.6, EPSS 0.00239
Exploits: 0, References: 1