
184 matches found

EUVD
added last week, 6 views

EUVD-2026-38386

MessagePack-CSharp: LZ4 decompression allocates from unbounded declared output lengths...

CVSS 7.5 | AI score 5.8 | EPSS 0.00236
Exploits: 0 | References: 2

Cvelist
added 2026/06/19 5:16 p.m., 20 views

CVE-2026-49271 libheif: Wrapped icef compressed-unit range check causes out-of-bounds read in uncompressed HEIF decoder

libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unit_offset + unit_size. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...

CVSS 6.5 | EPSS 0.00199
Exploits: 0 | References: 1

CVE
added 2026/06/19 5:16 p.m., 24 views

CVE-2026-49271

CVE-2026-49271 affects libheif prior to 1.22.1. The uncompressed HEIF decoder validates icef compressed-unit offsets with unit_offset + unit_size, which can wrap and allow constructing iterators outside the compressed item buffer, causing an out-of-bounds heap read and crash. This vulnerability i...

CVSS 6.5 | AI score 5.8 | EPSS 0.00199
Exploits: 0 | References: 1 | Affected Software: 1

ATTACKERKB
added 2026/06/19 5:16 p.m., 4 views

CVE-2026-49271

libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unit_offset + unit_size. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...

CVSS 6.5 | AI score 5.8 | EPSS 0.00199
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2026/06/11 12:0 a.m., 6 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Net::CIDR::Lite vulnerabilities (USN-8406-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8406-1 advisory. Dave Rolsky discovered that Net::CIDR::Lite did not properly handle extraneous zero...

CVSS 7.5 | AI score 5.7 | EPSS 0.00493
Exploits: 0 | References: 4

RedHat Linux
added 2026/05/19 9:53 p.m., 18 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

CVSS 9.8 | AI score 6.7 | EPSS 0.00454
Exploits: 1 | References: 6

RedHat Linux
added 2026/05/05 7:56 p.m., 7 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

CVSS 9.8 | AI score 6.7 | EPSS 0.00454
Exploits: 1 | References: 6

Tenable Nessus
added 2026/04/30 12:0 a.m., 3 views

Amazon Linux 2023 : perl-Net-CIDR-Lite (ALAS2023-2026-1624)

"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1624 advisory. Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exact...

CVSS 7.5 | AI score 5.8 | EPSS 0.00309
Exploits: 0 | References: 6

RedHat Linux
added 2026/04/28 1:55 p.m., 9 views

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file

A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...

CVSS 9.8 | AI score 6.5 | EPSS 0.00454
Exploits: 1 | References: 6

Tenable Nessus
added 2026/04/25 12:0 a.m., 8 views

Fedora 44 : perl-Net-CIDR-Lite (2026-fe487aa625)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fe487aa625 advisory. This update addresses two security issues regarding incorrect handling of malformed IPv6 addresses: Fix IPv4 mapped IPv6 packed length CVE-2026-4019...

CVSS 7.5 | AI score 5.5 | EPSS 0.00309
Exploits: 0 | References: 3

Tenable Nessus
added 2026/04/22 12:0 a.m., 5 views

Fedora 42 : perl-Net-CIDR-Lite (2026-4b112416d8)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4b112416d8 advisory. This update addresses two security issues regarding incorrect handling of malformed IPv6 addresses: Fix IPv4 mapped IPv6 packed length CVE-2026-4019...

CVSS 7.5 | AI score 5.8 | EPSS 0.00309
Exploits: 0 | References: 3

Tenable Nessus
added 2026/04/22 12:0 a.m., 5 views

openSUSE 16 Security Update : libraw (openSUSE-SU-2026:20574-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20574-1 advisory. - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the...

CVSS 9.8 | AI score 6.3 | EPSS 0.00746
Exploits: 7 | References: 21

OSV
added 2026/04/20 3:30 p.m., 4 views

OPENSUSE-SU-2026:20574-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow vulnerability in the...

CVSS 9.8 | AI score 6.1 | EPSS 0.00746
Exploits: 7 | References: 14

SUSE CVE
added 2026/04/14 11:25 p.m., 5 views

SUSE CVE-2026-40198

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

CVSS 6.5 | AI score 5.8 | EPSS 0.00309
Exploits: 0 | References: 4

RedhatCVE
added 2026/04/14 7:23 p.m., 6 views

CVE-2026-5439

A memory exhaustion vulnerability exists in ZIP archive processing. Orthanc automatically extracts ZIP archives uploaded to certain endpoints and trusts metadata fields describing the uncompressed size of archived files. An attacker can craft a small ZIP archive containing a forged size value,...

CVSS 7.5 | AI score 5.8 | EPSS 0.00426
Exploits: 0 | References: 1

RedhatCVE
added 2026/04/13 7:25 p.m., 5 views

CVE-2026-40198

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00309
Exploits: 0 | References: 1

EUVD
added 2026/04/11 12:31 a.m., 3 views

EUVD-2026-21609

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

CVSS 6.3 | AI score 6.6 | EPSS 0.00493
Exploits: 0 | References: 4

NVD
added 2026/04/10 10:16 p.m., 4 views

CVE-2026-40198

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

CVSS 7.5 | EPSS 0.00309
Exploits: 0 | References: 3

UbuntuCve
added 2026/04/10 10:16 p.m., 3 views

CVE-2026-40198

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00309
Exploits: 0 | References: 5

AlpineLinux
added 2026/04/10 9:42 p.m., 0 views

CVE-2026-40198

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

CVSS 7.5 | AI score 6.6 | EPSS 0.00309
Exploits: 0 | References: 3