Lucene search
+L

2601 matches found

OSV
OSV
added 2026/06/19 2:16 p.m.5 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS5.9AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 1:32 p.m.35 views

CVE-2026-48140 Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00254EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 12:0 a.m.11 views

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

6AI score0.00823EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.70 views

PT-2026-50891

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...

7.1CVSS5.9AI score0.00254EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/17 7:3 p.m.21 views

CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.2CVSS5.9AI score0.00732EPSS
Exploits11References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.24 views

PT-2026-50527

Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.1 Description A pre-authentication denial of service issue exists in the SSH MSG EXT INFO handler within src/packet.c. A malicious SSH server can trigger a CPU exhaustion loop on the client by sending a crafted...

9.2CVSS5.9AI score0.00732EPSS
Exploits11References52
RedHat Linux
RedHat Linux
added 2026/06/16 12:18 p.m.4 views

postgresql: PostgreSQL: Denial of Service via uncontrolled recursion in SSL/GSS negotiation

A flaw was found in PostgreSQL. Uncontrolled recursion during SSL Secure Sockets Layer and GSS Generic Security Service negotiation allows an attacker to achieve a sustained denial of service. This can be exploited by an attacker with access to a PostgreSQL AFUNIX socket. If SSL and GSS are both...

7.5CVSS6AI score0.00471EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 8:16 p.m.15 views

CVE-2026-53704

A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...

7.1CVSS0.00221EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/15 7:10 p.m.10 views

CVE-2026-53704

A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...

7.1CVSS4.8AI score0.00221EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/14 12:28 a.m.164 views

Exploit for Unchecked Input for Loop Condition in Isc Bind

CVE-2026-5950 - BIND 9 Resolver DoS Research notes and defens...

5.3CVSS5.3AI score0.00551EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/06/12 7:32 p.m.22 views

PyO3 has an Out-of-bounds Read in `nth` / `nth_back` for `PyList` and `PyTuple` iterators

PyO3 0.24.0 added optimized implementations of Iterator::nth and DoubleEndedIterator::nthback for the BoundListIterator and BoundTupleIterator types. These implementations computed the target index using unchecked usize addition index + n before bounds-checking against the sequence length, then...

5.6AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/11 12:0 p.m.18 views

RUSTSEC-2026-0176 Out-of-bounds read in `nth` / `nth_back` for `PyList` and `PyTuple` iterators

PyO3 0.24.0 added optimized implementations of Iterator::nth and DoubleEndedIterator::nthback for the BoundListIterator and BoundTupleIterator types. These implementations computed the target index using unchecked usize addition index + n before bounds-checking against the sequence length, then...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/10 11:16 p.m.8 views

DEBIAN-CVE-2026-48994

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in versions 6.9.13-48...

5.9CVSS5.6AI score0.00227EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 11:12 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/10 11:12 p.m.12 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 9:58 p.m.38 views

CVE-2026-48994 ImageMagick: Heap Buffer Over-Write in MAT decoder on 32-bit systems

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. This issue has been patched in versions 6.9.13-48...

5.9CVSS0.00227EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 9:58 p.m.41 views

CVE-2026-48994

CVE-2026-48994 affects ImageMagick MAT decoder on 32-bit systems due to a missing check of a return value, leading to a heap buffer over-write. Affected versions prior to patch: 6.9.13-48 and 7.1.2-24; patches are available in those versions. CVSSv3.1 base score: 5.9 (Network, high complexity, no...

5.9CVSS5.6AI score0.00227EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2026/06/10 8:22 p.m.8 views

Unchecked Input for Loop Condition

Overview kafka-python is a Pure Python client for Apache Kafka Affected versions of this package are vulnerable to Unchecked Input for Loop Condition in the SCRAM authentication handling. An attacker can cause the client's event loop to freeze by supplying an excessively large iteration count...

8.7CVSS5.5AI score0.00517EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/10 6:32 p.m.8 views

CVE-2026-50639

Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...

9.1CVSS5.8AI score0.00343EPSS
Exploits0References5
NVD
NVD
added 2026/06/10 2:16 a.m.16 views

CVE-2026-45329

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in espsecureservices.c and espsecureservicesiram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

7.1CVSS0.00117EPSS
Exploits0References4
Rows per page
Query Builder