Lucene search
+L

2594 matches found

OSV
OSV
added 2026/06/26 8:9 a.m.2 views

SUSE-SU-2026:22373-1 Security update for python-tornado6

This update for python-tornado6 fixes the following issues - CVE-2026-49853: authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient bsc1268395. - CVE-2026-49854: out-of-bounds memory access via C extension bsc1268396. - CVE-2026-49855: AsyncHTTPClient accumulates...

7.7CVSS5.8AI score0.00691EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/25 6:2 p.m.8 views

CVE-2026-53066

A flaw was found in the Linux kernel's drm/sun4i backend component. This vulnerability occurs because the drmatomicgetplanestate function can return an error pointer, which is not properly checked before being dereferenced. An attacker could potentially trigger this unchecked dereference, leading...

5.8AI score0.00161EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 3:28 p.m.41 views

CVE-2026-57451 Vim: Out-of-bounds Read in Text Property Count

Vim is an open source, command line text editor. Prior to 9.2.0670, gettextprops in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textpropT entries that follow. The only check is a floor that guarantees room for a single...

5.3CVSS0.00113EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 11:51 a.m.3 views

OPENSUSE-SU-2026:21057-1 Security update for libssh2_org

This update for libssh2org fixes the following issues - CVE-2026-55199: pre-Authentication DoS via SSHMSGEXTINFO Handler bsc1268530. - CVE-2026-55200: out-of-Bounds write via Unchecked packetlength in transport.c bsc1268531...

9.2CVSS7.4AI score0.00732EPSS
Exploits11References4
OSV
OSV
added 2026/06/25 11:50 a.m.2 views

SUSE-SU-2026:22284-1 Security update for libssh2_org

This update for libssh2org fixes the following issues - CVE-2026-55199: pre-Authentication DoS via SSHMSGEXTINFO Handler bsc1268530. - CVE-2026-55200: out-of-Bounds write via Unchecked packetlength in transport.c bsc1268531...

9.2CVSS7.4AI score0.00732EPSS
Exploits11References5
OSV
OSV
added 2026/06/25 11:50 a.m.3 views

SUSE-SU-2026:22364-1 Security update for libssh2_org

This update for libssh2org fixes the following issues - CVE-2026-55199: pre-Authentication DoS via SSHMSGEXTINFO Handler bsc1268530. - CVE-2026-55200: out-of-Bounds write via Unchecked packetlength in transport.c bsc1268531...

9.2CVSS7.4AI score0.00732EPSS
Exploits11References5
RedHat Linux
RedHat Linux
added 2026/06/23 8:1 p.m.11 views

libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...

7.8CVSS6.1AI score0.00205EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.4 views

Astra Linux – Vulnerability in inetutils

In GNU inetutils’ telnetd module, as of version 2.7, there is a vulnerability where an out-of-bounds write can occur in the LINEMODE SLC Set Local Characters suboption handler. This occurs because the addslc function does not check whether the buffer is full before writing data...

9.8CVSS7.7AI score0.23674EPSS
Exploits8References3
RedHat Linux
RedHat Linux
added 2026/06/22 3:56 a.m.6 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:12 a.m.7 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:12 a.m.9 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 3:0 a.m.7 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS6.1AI score0.00252EPSS
Exploits0References5
OSV
OSV
added 2026/06/19 9:16 p.m.10 views

GHSA-GJRG-MPP7-G774 py7zr: Decompression bomb (zip bomb) denial of service via unchecked extraction size

py7zr's Worker.decompress extracts archive entries without tracking total decompressed size. A crafted .7z file can exhaust disk or memory before the extraction completes. Measured: 15.6 KB archive → 100 MB output 6,556:1 ratio. Proof of concept: python import py7zr, tempfile, os create bomb:...

6.9CVSS5.9AI score0.00321EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/19 9:16 p.m.11 views

py7zr: Decompression bomb (zip bomb) denial of service via unchecked extraction size

py7zr's Worker.decompress extracts archive entries without tracking total decompressed size. A crafted .7z file can exhaust disk or memory before the extraction completes. Measured: 15.6 KB archive → 100 MB output 6,556:1 ratio. Proof of concept: python import py7zr, tempfile, os create bomb:...

8.7CVSS5.9AI score0.00321EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/19 4:23 p.m.2 views

CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

7.4CVSS7AI score0.00126EPSS
Exploits0References7
NVD
NVD
added 2026/06/19 2:16 p.m.18 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00254EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 2:16 p.m.3 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS5.9AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 1:32 p.m.35 views

CVE-2026-48140 Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00254EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 12:0 a.m.11 views

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

6AI score0.00823EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.70 views

PT-2026-50891

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...

7.1CVSS5.9AI score0.00254EPSS
Exploits0References6
Rows per page
Query Builder