CVE-2022-50502 | Linux Kernel up to 5.4.220 mm /proc/pid/smaps_rollup null pointer dereference (WID-SEC-2025-2194)
This issue appears to be a false-positive. Please verify the sources mentioned and consider not using this entry at all.
Aggregator
CVE-2022-50501 | Linux Kernel up to 6.1.1 media dcoda_iram_alloc return value (EUVD-2025-32349 / WID-SEC-2025-2194)
1 month 1 week ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.1. The affected element is the function dcoda_iram_alloc of the component media. Such manipulation leads to unchecked return value.
This vulnerability is documented as CVE-2022-50501. The attack requires being on the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
INC
1 month 1 week ago
You must login to view this content
cohenido
INC
1 month 1 week ago
You must login to view this content
cohenido
INC
1 month 1 week ago
You must login to view this content
cohenido
CVE-2026-3391 | FascinatedBox lily up to 2.3 src/lily_emitter.c clear_storages out-of-bounds (Issue 383 / EUVD-2026-9126)
1 month 1 week ago
A vulnerability described as problematic has been identified in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. The manipulation results in out-of-bounds read.
This vulnerability is identified as CVE-2026-3391. The attack is only possible with local access. Additionally, an exploit exists.
The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com
CVE-2026-3393 | jarikomppa soloud up to 20200207 Audio File soloud_wav.cpp SoLoud::Wav::loadflac heap-based overflow (Issue 401 / EUVD-2026-9128)
1 month 1 week ago
A vulnerability classified as problematic was found in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloud_wav.cpp of the component Audio File Handler. Such manipulation leads to heap-based buffer overflow.
This vulnerability is listed as CVE-2026-3393. The attack must be carried out locally. In addition, an exploit is available.
The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com
Qilin
1 month 1 week ago
You must login to view this content
cohenido
Qilin
1 month 1 week ago
You must login to view this content
cohenido
Qilin
1 month 1 week ago
You must login to view this content
cohenido
Exposing a Fraudulent DPRK Candidate
1 month 1 week ago
Nisos
Exposing a Fraudulent DPRK Candidate
With DPRK IT worker schemes on the rise, Nisos exposed a fraudulent DPRK candidate posing as a U.S. AI architect, revealing stolen PII...
The post Exposing a Fraudulent DPRK Candidate appeared first on Nisos by Nisos
The post Exposing a Fraudulent DPRK Candidate appeared first on Security Boulevard.
Nisos
CVE-2025-3525 | GitLab Community Edition/Enterprise Edition up to 18.7.4/18.8.4/18.9.0 CI allocation of resources (Issue 535662 / Nessus ID 300112)
1 month 1 week ago
A vulnerability, which was classified as problematic, has been found in GitLab Community Edition and Enterprise Edition up to 18.7.4/18.8.4/18.9.0. Affected by this issue is some unknown functionality of the component CI. This manipulation causes allocation of resources.
This vulnerability is tracked as CVE-2025-3525. The attack is possible to be carried out remotely. No exploit exists.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-2845 | GitLab Community Edition/Enterprise Edition up to 18.7.4/18.8.4/18.9.0 allocation of resources (Nessus ID 300128)
1 month 1 week ago
A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 18.7.4/18.8.4/18.9.0. The affected element is an unknown function. Executing a manipulation can lead to allocation of resources.
The identification of this vulnerability is CVE-2026-2845. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-1662 | GitLab Community Edition/Enterprise Edition up to 18.7.4/18.8.4/18.9.0 Jira Events Endpoint allocation of resources (Issue 588206 / Nessus ID 300129)
1 month 1 week ago
A vulnerability marked as problematic has been reported in GitLab Community Edition and Enterprise Edition up to 18.7.4/18.8.4/18.9.0. This affects an unknown function of the component Jira Events Endpoint. Performing a manipulation results in allocation of resources.
This vulnerability was named CVE-2026-1662. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2022-28042 | stb 2.27 stb_image.h stbi__jpeg_huff_decode use after free (Issue 1289 / Nessus ID 300133)
1 month 1 week ago
A vulnerability was found in stb 2.27. It has been classified as critical. This vulnerability affects the function stbi__jpeg_huff_decode of the file stb_image.h. Performing a manipulation results in use after free.
This vulnerability is known as CVE-2022-28042. Access to the local network is required for this attack. No exploit is available.
To fix this issue, it is recommended to deploy a patch.
vuldb.com
CVE-2026-27798 | ImageMagick up to 6.9.13-39/7.1.2-14 Image Parser out-of-bounds (Nessus ID 300130)
1 month 1 week ago
A vulnerability was found in ImageMagick up to 6.9.13-39/7.1.2-14. It has been classified as problematic. The impacted element is an unknown function of the component Image Parser. The manipulation leads to out-of-bounds read.
This vulnerability is traded as CVE-2026-27798. It is possible to initiate the attack remotely. There is no exploit available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-1388 | GitLab Community Edition/Enterprise Edition up to 18.7.4/18.8.4/18.9.0 redos (Issue 587560 / Nessus ID 300132)
1 month 1 week ago
A vulnerability identified as problematic has been detected in GitLab Community Edition and Enterprise Edition up to 18.7.4/18.8.4/18.9.0. The affected element is an unknown function. This manipulation causes inefficient regular expression complexity.
This vulnerability is handled as CVE-2026-1388. The attack can be initiated remotely. There is not any exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2021-42715 | stb up to 2.27 HDR Loader stb_image.h denial of service (Issue 1224 / Nessus ID 300133)
1 month 1 week ago
A vulnerability was found in stb up to 2.27. It has been classified as problematic. This issue affects some unknown processing of the file stb_image.h of the component HDR Loader. Performing a manipulation results in denial of service.
This vulnerability is identified as CVE-2021-42715. The attack can only be performed from the local network. There is not any exploit available.
To fix this issue, it is recommended to deploy a patch.
vuldb.com
CVE-2022-28041 | stb 2.27 stb_image.h stbi__jpeg_decode_block_prog_dc denial of service (Issue 1292 / Nessus ID 300133)
1 month 1 week ago
A vulnerability was found in stb 2.27 and classified as problematic. This affects the function stbi__jpeg_decode_block_prog_dc of the file stb_image.h. Such manipulation leads to denial of service.
This vulnerability is traded as CVE-2022-28041. Access to the local network is required for this attack to succeed. There is no exploit available.
A patch should be applied to remediate this issue.
vuldb.com
CVE-2021-37789 | stb 2.27 stb_image.h stbi__jpeg_load heap-based overflow (Issue 1178 / Nessus ID 300133)
1 month 1 week ago
A vulnerability marked as critical has been reported in stb 2.27. Impacted is the function stbi__jpeg_load of the file stb_image.h. Performing a manipulation results in heap-based buffer overflow.
This vulnerability is identified as CVE-2021-37789. The attack can only be performed from the local network. There is not any exploit available.
vuldb.com