Total
8860 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-71001 | 1 Oneflow | 1 Oneflow | 2026-02-03 | 6.5 Medium |
| A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-71004 | 1 Oneflow | 1 Oneflow | 2026-02-03 | 6.5 Medium |
| A segmentation violation in the oneflow.logical_or component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2026-24852 | 2 Color, Internationalcolorconsortium | 2 Iccdev, Iccdev | 2026-02-03 | 6.1 Medium |
| iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen() function attempts to read a non-null-terminated buffer potentially leaking heap memory contents and causing application termination. This vulnerability affects users of the iccDEV library who process ICC color profiles. ICC Profile Injection vulnerabilities arise when user-controllable input is incorporated into ICC profile data or other structured binary blobs in an unsafe manner. Version 2.3.1.2 contains a fix for the issue. No known workarounds are available. | ||||
| CVE-2026-20973 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-02 | 5.3 Medium |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory. | ||||
| CVE-2026-1765 | 2026-02-02 | 5.6 Medium | ||
| A flaw was found in the `tracker-extract-mp3` component of GNOME localsearch. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denial of Service (DoS) where the application crashes. It may also potentially expose sensitive information from the system's memory. | ||||
| CVE-2026-1764 | 2026-02-02 | 5.6 Medium | ||
| A flaw was found in GNOME localsearch MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the `extract_performers_tags` function can lead to a heap buffer overflow. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by triggering a read of unmapped memory. In some cases, it could also lead to information disclosure by reading visible heap data. | ||||
| CVE-2025-46316 | 1 Apple | 6 Ios, Ipados, Iphone Os and 3 more | 2026-01-30 | 4.3 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, Pages 15.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory. | ||||
| CVE-2025-46306 | 1 Apple | 7 Ios, Ipad Os, Ipados and 4 more | 2026-01-30 | 5.5 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26, Keynote 15.1, iOS 26 and iPadOS 26. Processing a maliciously crafted Keynote file may disclose memory contents. | ||||
| CVE-2025-32460 | 1 Graphicsmagick | 1 Graphicsmagick | 2026-01-29 | 4 Medium |
| GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. | ||||
| CVE-2026-24826 | 1 Cadaver | 1 Turso3d | 2026-01-29 | N/A |
| Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects . | ||||
| CVE-2026-24873 | 1 Rinnegatamante | 1 Lpp-vita | 2026-01-29 | 7.8 High |
| Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6. | ||||
| CVE-2026-24796 | 1 Cloverhackycolor | 1 Cloverbootloader | 2026-01-27 | N/A |
| Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162. | ||||
| CVE-2026-24818 | 1 Praydog | 1 Uevr | 2026-01-27 | N/A |
| Out-of-bounds Read vulnerability in praydog UEVR (dependencies/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects UEVR: before 1.05. | ||||
| CVE-2026-24820 | 1 Turanszkij | 1 Wickedengine | 2026-01-27 | N/A |
| Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705. | ||||
| CVE-2026-24821 | 1 Turanszkij | 1 Wickedengine | 2026-01-27 | N/A |
| Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files lparser.C. This issue affects WickedEngine: through 0.71.727. | ||||
| CVE-2025-41728 | 1 Beckhoff | 4 Beckhoff.device.manager.xar, Mdp Package, Twincat and 1 more | 2026-01-27 | 5.3 Medium |
| A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response. | ||||
| CVE-2025-39943 | 1 Linux | 1 Linux Kernel | 2026-01-27 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer If data_offset and data_length of smb_direct_data_transfer struct are invalid, out of bounds issue could happen. This patch validate data_offset and data_length field in recv_done. | ||||
| CVE-2025-46819 | 1 Redis | 1 Redis | 2026-01-27 | 6.3 Medium |
| Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua scripting. This issue is fixed in version 8.2.2. To workaround this issue without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to block a script by restricting both the EVAL and FUNCTION command families. | ||||
| CVE-2022-50490 | 1 Linux | 1 Linux Kernel | 2026-01-27 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htab_lock_bucket() to userspace In __htab_map_lookup_and_delete_batch() if htab_lock_bucket() returns -EBUSY, it will go to next bucket. Going to next bucket may not only skip the elements in current bucket silently, but also incur out-of-bound memory access or expose kernel memory to userspace if current bucket_cnt is greater than bucket_size or zero. Fixing it by stopping batch operation and returning -EBUSY when htab_lock_bucket() fails, and the application can retry or skip the busy batch as needed. | ||||
| CVE-2025-38715 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-27 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfs_bnode_read() This patch introduces is_bnode_offset_valid() method that checks the requested offset value. Also, it introduces check_and_correct_requested_length() method that checks and correct the requested length (if it is necessary). These methods are used in hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy(), and hfs_bnode_move() with the goal to prevent the access out of allocated memory and triggering the crash. | ||||