Lucene search
K

407 matches found

Cvelist
Cvelist
added 2026/06/25 7:47 p.m.24 views

CVE-2026-46601 Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image

The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...

0.00339EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.6 views

EUVD-2025-210150

A heap buffer overflow in the gfisomvpconfignew function isomedia/avcext.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.5AI score0.00202EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 a.m.8 views

CVE-2025-55652

A heap buffer overflow in the gfisomvpconfignew function isomedia/avcext.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5AI score0.00202EPSS
Exploits1References1
CVE
CVE
added 2026/06/15 12:0 a.m.15 views

CVE-2025-55652

GPAC MP4Box v2.4 is affected by a heap buffer overflow in gf_isom_vp_config_new (isomedia/avc_ext.c), enabling DoS via a crafted MP4 file. This is documented across multiple sources (CVE-2025-55652, EUVD-2025-210150, NVD, CVELIST, etc.). The vulnerability details specify the vulnerable function a...

5.5CVSS5.6AI score0.00202EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011281 advisory. In the Linux kernel, the following vulnerability has been resolved: vdpa/vpvdpa: fix kfree a wrong pointer in vpvdparemove In vpvdparemove, the code...

5.7AI score0.00166EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010733)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010733 advisory. In the Linux kernel, the following vulnerability has been resolved: vdpa: fix use-after-free on vpvdparemove When vpvdpa driver is unbind, vpvdpa is freed in...

5.5CVSS5.7AI score0.00201EPSS
Exploits0References4
OSV
OSV
added 2026/04/16 1:2 a.m.8 views

GHSA-33R3-4WHC-44C2 Path traversal in vite-plus/binding downloadPackageManager() writes outside VP_HOME

Summary downloadPackageManager in vite-plus/binding accepts an untrusted version string and uses it directly in filesystem paths. A caller can supply ../ segments to escape the VPHOME/packagemanager// cache root and cause Vite+ to delete, replace, and populate directories outside the intended cac...

10CVSS5.8AI score0.00311EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/16 1:2 a.m.8 views

Path traversal in vite-plus/binding downloadPackageManager() writes outside VP_HOME

Summary downloadPackageManager in vite-plus/binding accepts an untrusted version string and uses it directly in filesystem paths. A caller can supply ../ segments to escape the VPHOME/packagemanager// cache root and cause Vite+ to delete, replace, and populate directories outside the intended cac...

10CVSS5.8AI score0.00311EPSS
Exploits1References3Affected Software1
ICS
ICS
added 2026/04/02 6:0 a.m.9 views

Yokogawa CENTUM VP

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for...

2.1CVSS5.8AI score0.00165EPSS
Exploits0References13
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.11 views

Yokogawa CENTUM VP 安全漏洞

Yokogawa CENTUM VP is a distributed control system platform developed by Yokogawa Electric Corporation in Japan. There are security vulnerabilities in Yokogawa CENTUM VP, which stem from hardcoded passwords. This could allow attackers to log in as PROG users under certain conditions...

2.1CVSS5.8AI score0.00165EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 7:30 p.m.9 views

Malicious code in open-vp-cal (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab8c06b5d7e9b98d62708ab7377d9e18a214e884c69b0c7217979121aed06917 When executing the module, the code installs a package from a remote location. The remote package contains malicious code exfiltrating selected env variables a...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/03/24 7:30 p.m.7 views

MAL-2026-2138 Malicious code in open-vp-cal (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab8c06b5d7e9b98d62708ab7377d9e18a214e884c69b0c7217979121aed06917 When executing the module, the code installs a package from a remote location. The remote package contains malicious code exfiltrating selected env variables a...

5.9AI score
Exploits0References1
Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.196 views

📄 Digital Watchdog DVR VMAX / DW-VP / DW-VA Credential Disclosure / Code Execution

Digital Watchdog DVR versions VMAX, DW-VP, and DW-VA suffer from unauthenticated credential disclosure and post-authentication remote code execution vulnerabilities. Exploit Title: Digital Watchdog DVR VMAX/DW-VP/DW-VA unauth credential disclosure and post-auth RCE Date: 2026-01-06 Exploit Author...

6.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.3 views

CVE-2025-48019

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

6.5CVSS5.2AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.20 views

CVE-2025-48022

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

6.5CVSS5.2AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.28 views

CVE-2025-48020

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

6.5CVSS5.2AI score0.00229EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.7 views

CVE-2025-1924

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed. The affected products and versions a...

8.2CVSS5.5AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.4 views

CVE-2025-48021

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

6.5CVSS5.2AI score0.00171EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/14 7:23 a.m.5 views

CVE-2025-48023

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

6.5CVSS5.2AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2026/02/13 6:16 a.m.5 views

CVE-2025-48022

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package for CENTU...

6.5CVSS5.6AI score0.00171EPSS
Exploits0References1
Rows per page
Query Builder