Lucene search
K
AlpinelinuxRecent

13033 matches found

AlpineLinux
AlpineLinux
added 2026/04/13 9:43 p.m.4 views

CVE-2026-40312

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...

6.2CVSS5.7AI score0.00177EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 9:36 p.m.4 views

CVE-2026-40311

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has been fixed in versio...

5.5CVSS5.7AI score0.00184EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 9:32 p.m.3 views

CVE-2026-40310

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 an...

5.5CVSS5.7AI score0.00189EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 9:28 p.m.12 views

CVE-2026-40183

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats. This issue has been fixed in version 7.1.2-19...

5.5CVSS5.8AI score0.00187EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 9:25 p.m.4 views

CVE-2026-40169

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19...

6.2CVSS5.7AI score0.0018EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 9:14 p.m.9 views

CVE-2026-34238

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a heap buffer overflow on 32-bit builds that will result in an out of bounds write. This issue has be...

5.5CVSS6AI score0.00148EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 9:6 p.m.2 views

CVE-2026-33908

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When...

7.5CVSS5.7AI score0.0051EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 9:2 p.m.3 views

CVE-2026-33905

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an specific offset is set through the sample:offset define that could lead to an out of bounds read...

7.1CVSS5.7AI score0.00194EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 8:59 p.m.37 views

CVE-2026-33902

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow vulnerability in ImageMagick's FX expression parser allows an attacker to crash the process by providing a deeply nested expression. This...

5.5CVSS5.8AI score0.00144EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 8:56 p.m.2 views

CVE-2026-33901

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...

7.5CVSS6AI score0.00566EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 8:50 p.m.4 views

CVE-2026-33900

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the viff encoder contains an integer truncation/wraparound issue on 32-bit builds that could trigger an out of bounds heap write, potentially causing a...

7.5CVSS5.7AI score0.00434EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 8:46 p.m.1 views

CVE-2026-33899

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions 6.9.13-44 and 7.1.2-1...

5.3CVSS5.7AI score0.00428EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 5:49 p.m.3 views

CVE-2026-32316

jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend and jvpstringcopyreplacebad functions, where concatenating strings with a combined length exceeding 2^31 bytes causes a 32-bit unsigned integer overflow in the buffer...

8.2CVSS6AI score0.00484EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/04/13 4:45 p.m.16 views

CVE-2026-6192

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...

4.8CVSS5.4AI score0.00112EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/13 12:0 a.m.14 views

CVE-2026-30998

An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via supplying a crafted input file...

7.5CVSS5.3AI score0.004EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2026/04/13 12:0 a.m.6 views

CVE-2026-30999

A heap buffer overflow in the avbprintfinalize function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS5.6AI score0.00452EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/04/13 12:0 a.m.5 views

CVE-2026-33555

An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be...

5.8CVSS5.8AI score0.00297EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/04/13 12:0 a.m.4 views

CVE-2026-30997

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS5.2AI score0.00337EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2026/04/12 6:49 p.m.2 views

CVE-2026-40393

In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca...

9.8CVSS6.2AI score0.00427EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/12 6:19 p.m.3 views

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

7.1CVSS6.2AI score0.0014EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/12 6:16 p.m.7 views

CVE-2026-40385

In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems...

7.1CVSS6.3AI score0.00094EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/11 12:59 p.m.7 views

CVE-2026-32146

Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. Dependency names from gleam.toml and manifest.toml are incorporated into filesystem paths without sufficient validation or confinement ...

8.3CVSS6AI score0.00239EPSS
Exploits1References6
AlpineLinux
AlpineLinux
added 2026/04/11 12:29 a.m.7 views

CVE-2026-40354

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash...

6.3CVSS5.2AI score0.00128EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/04/10 9:49 p.m.2 views

CVE-2026-40199

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/10 9:42 p.m.1 views

CVE-2026-40198

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of...

7.5CVSS6.6AI score0.00309EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/10 8:24 p.m.4 views

CVE-2026-40194

phpseclib is a PHP secure communications library. Starting in 0.1.1 and prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::getbinarypacket uses PHP's != operator to compare a received SSH packet HMAC against the locally computed HMAC. != on equal-length binary strings in PHP uses memcmp,...

3.7CVSS5.4AI score0.00334EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/10 9:0 a.m.3 views

CVE-2026-6042

A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local position. To fix...

4.8CVSS5.4AI score0.00227EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/04/10 5:6 a.m.5 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wcCmacUpdate used the guard if cmac-totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2CVSS5.3AI score0.0042EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/10 3:24 a.m.5 views

CVE-2026-5188

An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name SAN extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect...

8.1CVSS5.3AI score0.00135EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/10 3:10 a.m.5 views

CVE-2026-5500

wolfSSL's wcPKCS7DecodeAuthEnvelopedData does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸...

8.7CVSS5.2AI score0.00355EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/10 3:7 a.m.5 views

CVE-2026-5501

wolfSSLX509verifycert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints CA:FALSE that is legitimately signed by a trusted root. An attacker who obtains any leaf...

8.6CVSS5.5AI score0.00184EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/10 3:0 a.m.4 views

CVE-2026-5466

wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

8.1CVSS5.2AI score0.00147EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/10 2:38 a.m.5 views

CVE-2026-5479

In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSLEVPCipherFinal and related EVP cipher finalization functions fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption,...

8.1CVSS5.3AI score0.00152EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/10 12:0 a.m.2 views

CVE-2026-40200

An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms o...

8.1CVSS5.8AI score0.00128EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 11:29 p.m.9 views

CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.5CVSS5.4AI score0.00275EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 11:18 p.m.14 views

CVE-2026-5448

X.509 date buffer overflow in wolfSSLX509notAfter / wolfSSLX509notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS...

4.3CVSS5.6AI score0.00122EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 11:10 p.m.12 views

CVE-2026-5392

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7VerifySignedData...

5.4CVSS5.2AI score0.00159EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 11:2 p.m.6 views

CVE-2026-5393

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL...

9.1CVSS5.2AI score0.00194EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/09 10:53 p.m.10 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS5.7AI score0.00175EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 10:35 p.m.13 views

CVE-2026-5503

In TLSXEchChangeSNI, the ctx-extensions branch set extensions unconditionally even when TLSXFind returned NULL. This caused TLSXUseSNI to attach the attacker-controlled publicName to the shared WOLFSSLCTX when no inner SNI was configured. TLSXEchRestoreSNI then failed to clean it up because its...

9.1CVSS5.2AI score0.00393EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 10:33 p.m.6 views

CVE-2026-5504

A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated...

6.3CVSS5.3AI score0.00111EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 10:18 p.m.5 views

CVE-2026-5507

When restoring a session from cache, a pointer from the serialized session data is used in a free operation without validation. An attacker who can poison the session cache could trigger an arbitrary free. Exploitation requires the ability to inject a crafted session into the cache and for the...

4.1CVSS5.5AI score0.00172EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 9:50 p.m.4 views

CVE-2026-5772

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

5.3CVSS5.4AI score0.00228EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 9:45 p.m.11 views

CVE-2026-5778

Integer underflow in wolfSSL packet sniffer = 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by sslDecodePacket. The underflow wraps a 16-bit length to a large valu...

6.5CVSS5.4AI score0.00225EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 9:43 p.m.11 views

CVE-2026-5264

Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...

9.8CVSS5.8AI score0.00446EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 9:15 p.m.15 views

CVE-2026-5263

URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL woul...

7CVSS5.3AI score0.00165EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 9:2 p.m.23 views

CVE-2026-5446

In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...

7.1CVSS5.3AI score0.00264EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 9:2 p.m.8 views

CVE-2026-35206

Helm is a package manager for Charts for Kubernetes. In Helm versions =3.20.1 and =4.1.3, a specially crafted Chart will cause helm pull --untar chart URL | repo/chartname to write the Chart's contents to the immediate output directory as defaulted to the current working directory; or as given by...

4.8CVSS5.7AI score0.00199EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/04/09 8:13 p.m.5 views

CVE-2026-5447

Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension...

7.5CVSS5.6AI score0.00222EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/09 7:45 p.m.4 views

CVE-2026-5187

Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values out0 and out1, enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass...

9.8CVSS5.7AI score0.00283EPSS
Exploits0
Total number of security vulnerabilities13033