Lucene search
+L

17554 matches found

SUSE CVE
SUSE CVE
added 2026/07/09 3:9 a.m.3 views

SUSE CVE-2026-14380

DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute, DBI splits it into path, package and arguments, and interpolates the package part in a string eval with no validation of the package...

7.3CVSS6.3AI score0.00498EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/07/09 3:9 a.m.8 views

SUSE CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

6.5CVSS6.1AI score0.00407EPSS
Exploits0References4
Fedora
Fedora
added 2026/07/09 1:8 a.m.8 views

[SECURITY] Fedora 43 Update: perl-CSS-Minifier-XS-0.15-1.fc43

'CSS::Minifier::XS' is a CSS "minifier". It's designed to remove unnecessary white-space and comments from CSS files, while also not breaking the CSS. 'CSS::Minifier::XS' is similar in function to 'CSS::Minifier', but is substantially faster as it's written in XS and not just pure Perl...

6.5CVSS5.9AI score0.00238EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as...

9.8CVSS6.2AI score0.00394EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 3:16 p.m.7 views

CVE-2026-49146

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

7.5CVSS0.0038EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 3:16 p.m.7 views

CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS0.00329EPSS
Exploits0References2
OSV
OSV
added 2026/07/08 3:16 p.m.1 views

UBUNTU-CVE-2026-49145

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS6.2AI score0.00329EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 3:16 p.m.5 views

UBUNTU-CVE-2026-49147

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

7.5CVSS6.1AI score0.00329EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 3:16 p.m.3 views

UBUNTU-CVE-2026-49146

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/08 2:55 p.m.35 views

CVE-2026-49147 App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes

App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...

0.00329EPSS
Exploits0References1
CVE
CVE
added 2026/07/08 2:55 p.m.20 views

CVE-2026-49147

App::Ack for Perl, up to version 3.10.0, is affected by a vulnerability where terminal control bytes in filenames can be emitted un-sanitised in several output modes. The root cause is that while a _safe_filename helper was added in 3.10.0 to sanitise filenames for -f, -g, the colored match headi...

7.5CVSS5.9AI score0.00329EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/08 2:55 p.m.5 views

EUVD-2026-42274

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 2:55 p.m.38 views

CVE-2026-49146

CVE-2026-49146 affects App::Ack for Perl prior to 3.10.0. A project .ackrc can set --before-context to an unbounded positive integer, causing ack to allocate a before-context buffer of that size and trigger memory exhaustion. Public descriptions specify the attack path: ack searches upward for a ...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 2:55 p.m.3 views

CVE-2026-49146 App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2026/07/08 2:55 p.m.9 views

CVE-2026-49145

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS6AI score0.00329EPSS
Exploits0
OSV
OSV
added 2026/07/08 2:55 p.m.3 views

CVE-2026-49145 App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS6.2AI score0.00329EPSS
Exploits0References6
OSV
OSV
added 2026/07/08 1:16 p.m.2 views

DEBIAN-CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS6.1AI score0.00394EPSS
Exploits0References1
NVD
NVD
added 2026/07/08 1:16 p.m.9 views

CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS0.00394EPSS
Exploits0References3
OSV
OSV
added 2026/07/08 1:16 p.m.3 views

UBUNTU-CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS6.1AI score0.00394EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/08 12:30 p.m.6 views

CVE-2026-14454

Imager versions before 1.033 for Perl treat unsigned EXIF IFD entry counts as signed. Imager mishandled large EXIF IFD entry count values, treating them as negative numbers. This could lead to an attempt to allocate a block nearly the size of the address space, which fails and kills the process. ...

9.8CVSS6AI score0.00394EPSS
Exploits0
Rows per page
Query Builder