|
1
|
5.3
-
|
MEDIUM
Network
|
In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. Th…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-14355
|
cpe:2.3:o:debian:debian_linux:12.0:*
|
|
|
|
|
2026-07-9 05:11
2026-07-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
5.3
-
|
MEDIUM
Network
|
GNU SASL before 2.2.4 lacks sanitization of a short challenge in _gsasl_ntlm_client_step in the NTLM client, which could result in memory disclosure via a crafted server.
|
CWE-839 CWE-908
Numeric Range Comparison Without Minimum Check Use of Uninitialized Resource
|
CVE-2026-56968
|
cpe:2.3:o:debian:debian_linux:13.0:*
|
|
|
|
|
2026-06-30 08:00
2026-06-24
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
7.5
-
|
HIGH
Network
|
Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests.
This issue affects Apache HTTP Server: from 2.4.17 …
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-49975
|
cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2026-06-11 04:36
2026-06-9
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
7.8
-
|
HIGH
Local
|
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. T…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-4775
|
cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2026-04-22 01:34
2026-03-25
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
7.8
-
|
HIGH
Local
|
AWStats 8.0 is vulnerable to Command Injection via the open function
|
CWE-78
OS Command
|
CVE-2025-63261
|
cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2026-04-8 01:08
2026-03-21
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
7.5
-
|
HIGH
Network
|
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mod…
|
CWE-190 CWE-789
Integer Overflow or Wraparound Memory Allocation with Excessive Size Value
|
CVE-2025-62600
|
cpe:2.3:o:debian:debian_linux:13.0:* cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2026-04-15 01:16
2026-02-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
7.5
-
|
HIGH
Network
|
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mod…
|
CWE-190 CWE-789
Integer Overflow or Wraparound Memory Allocation with Excessive Size Value
|
CVE-2025-62599
|
cpe:2.3:o:debian:debian_linux:13.0:* cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2026-04-10 03:16
2026-02-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
8.1
-
|
HIGH
Network
|
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variab…
|
CWE-787
Out-of-bounds Write
|
CVE-2025-27363
|
cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2026-04-20 22:15
2025-03-11
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
6.8
-
|
MEDIUM
Network
|
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur…
|
-
|
CVE-2025-26465
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2025-03-6 03:54
2025-02-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
9.8
-
|
CRITICAL
Network
|
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability …
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-47606
|
cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-12-19 06:35
2024-12-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|