
23 matches found

NVD
added 2026/06/19 2:16 p.m. · 19 views

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

9.1 CVSS · 0.00445 EPSS
Exploits 1 · References 1
AstraLinux
added 2026/06/19 11:10 a.m. · 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fixed an infinite loop triggered by a zero-sized ATTRLIST. We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) attack. A malformed NTFS image can cause an infinite loop when the...

5.5 CVSS · 5.3 AI score · 0.00118 EPSS
Exploits 0 · References 1
Cvelist
added 2026/06/19 12:0 a.m. · 27 views

CVE-2025-62821

Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...

0.00445 EPSS
Exploits 1 · References 1
EUVD
added 2026/03/18 12:31 p.m. · 2 views

EUVD-2025-208821

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an...

5.8 AI score · 0.00118 EPSS
Exploits 0 · References 8
RedHat Linux
added 2026/02/10 9:17 a.m. · 4 views

Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS

Scrapy is vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occur...

7.5 CVSS · 5.8 AI score · 0.00509 EPSS
Exploits 0 · References 5
RedhatCVE
added 2026/01/21 10:25 p.m. · 5 views

CVE-2026-21977

Vulnerability in the Oracle Zero Data Loss Recovery Appliance Software product of Oracle Zero Data Loss Recovery Appliance component: Security. Supported versions that are affected are 23.1.0-23.1.202509. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1 CVSS · 5.4 AI score · 0.00164 EPSS
Exploits 0 · References 1
EUVD
added 2026/01/21 12:31 a.m. · 6 views

EUVD-2026-3535

Vulnerability in the Oracle Zero Data Loss Recovery Appliance Software product of Oracle Zero Data Loss Recovery Appliance component: Security. Supported versions that are affected are 23.1.0-23.1.202509. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1 CVSS · 5.4 AI score · 0.00164 EPSS
Exploits 0 · References 2
NVD
added 2026/01/20 10:16 p.m. · 12 views

CVE-2026-21977

Vulnerability in the Oracle Zero Data Loss Recovery Appliance Software product of Oracle Zero Data Loss Recovery Appliance component: Security. Supported versions that are affected are 23.1.0-23.1.202509. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1 CVSS · 0.00164 EPSS
Exploits 0 · References 1
ATTACKERKB
added 2026/01/20 9:56 p.m. · 2 views

CVE-2026-21977

Vulnerability in the Oracle Zero Data Loss Recovery Appliance Software product of Oracle Zero Data Loss Recovery Appliance component: Security. Supported versions that are affected are 23.1.0-23.1.202509. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1 CVSS · 7.1 AI score · 0.00164 EPSS
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2026/01/20 12:0 a.m. · 7 views

PT-2026-3724

Vulnerability in the Oracle Zero Data Loss Recovery Appliance Software product of Oracle Zero Data Loss Recovery Appliance component: Security. Supported versions that are affected are 23.1.0-23.1.202509. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

3.1 CVSS · 5.4 AI score · 0.00164 EPSS
Exploits 0 · References 2
CNNVD
added 2026/01/20 12:0 a.m. · 6 views

Oracle Zero Data Loss Recovery Appliance security vulnerabilities

The Oracle Zero Data Loss Recovery Appliance is a backup and management system developed by Oracle Corporation. There are security vulnerabilities in the Oracle Zero Data Loss Recovery Appliance Software version 23.1.0 through 23.1.202509. These vulnerabilities allow unverified attackers to acces...

3.1 CVSS · 7.1 AI score · 0.00164 EPSS
Exploits 0 · References 2
RedHat Linux
added 2024/07/02 9:2 a.m. · 2 views

kernel: tipc: fix kernel warning when sending SYN message

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x550 ... 13.398494 Call Trace: 13.398630 13.398630 ? allocskb+0xed/0x1a...

5.5 CVSS · 6.4 AI score · 0.00217 EPSS
Exploits 0 · References 5
SUSE CVE
added 2023/02/15 5:30 a.m. · 3 views

SUSE CVE-2014-1684

The ASFReadObjectfileproperties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file...

4.3 CVSS · 8.7 AI score · 0.05213 EPSS
Exploits 3 · References 3
OSV
added 2022/12/23 5:15 p.m. · 1 views

DEBIAN-CVE-2022-47943

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2WRITE, when there is a large length in the zero DataOffset case...

8.1 CVSS · 6.7 AI score · 0.03503 EPSS
Exploits 0 · References 1
OSV
added 2022/12/23 5:15 p.m. · 2 views

UBUNTU-CVE-2022-47943

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2WRITE, when there is a large length in the zero DataOffset case...

8.1 CVSS · 6.7 AI score · 0.03503 EPSS
Exploits 0 · References 4
The Hacker News
added 2020/03/23 9:10 a.m. · 5 views

User Survey 2020 Report Shows Rapid Growth In Apache Pulsar Adoption

For the first time ever, the Apache Pulsar PMC team is publishing a user survey report. The 2020 Apache Pulsar User Survey Report reveals Pulsar's accelerating rate of global adoption, details how organizations are leveraging Pulsar to build real-time streaming applications, and highlights key...

5.8 AI score
Exploits 0
CNVD
added 2017/03/30 12:0 a.m. · 5 views

Linux kernel security bypass vulnerability (CNVD-2017-05575)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. The Linux kernel suffers from a security bypass vulnerability in which the program fails to detect the zero value of data. A local attacker can exploit this vulnerability by...

5.5 CVSS · 6.7 AI score · 0.00366 EPSS
Exploits 0 · References 1
OSV
added 2016/11/28 3:59 a.m. · 2 views

DEBIAN-CVE-2016-8646

The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data...

5.5 CVSS · 6.3 AI score · 0.00426 EPSS
Exploits 0 · References 1
RedHat Linux
added 2016/09/12 5:33 p.m. · 115 views

libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

7.5 CVSS · 5.8 AI score · 0.04707 EPSS
Exploits 1 · References 5
Positive Technologies
added 2016/01/13 12:0 a.m. · 9 views

PT-2016-7538 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3.6 Description: The issue allows local users to cause a denial of service by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data. This is related to the ha...

10 CVSS · 7.2 AI score · 0.80855 EPSS
Exploits 102 · References 451